Latest Server related questions

I am using VPS from OVH as a reverse proxy to protect my dedicated server from DDOS attacks. OVH has very good DDOS protection. My dedicated server hasn't.

Everything works good, I am attacking my VPS a lot via TCP attacks and OVH starts mitigating it very fast, my players (becouse I am running game server on dedicated) notice nothing.

The problem is when I attack my VPS via UDP attack. OVH starts m ...

I have Rocky Linux 8.6 server that is joined to Active Directory and I can login to it with AD accounts. I have also mounted a NFS drive to the server. The home directories for AD accounts have been specified at the mount with the below variable in the /etc/sssd/sssd.conf file.

fallback_homedir = /mnt/nfs/home/%u

Now the issue is all the system users can easily load environment variables and configura ...

I have installed both MetalLB and Keylcloak to my cluster. Both Keycloak's and MetalLB's pods are running, but the main Keycloak Load balance service is expecting IP (EXTERNAL-IP is in pending state).

Here is my MetalLB config map:

apiVersion: v1
data:
  config: |
    address-pools:
    - addresses:
      - server-ip/32
      name: default
      protocol: layer2
kind: ConfigMap
metadata:
  annotations ...

I'm running an Ubuntu mail server with Dovecot 2.2.33 and am using system accounts:

passdb {
  driver = pam 

I have about 100 mail users.

I would like to impose per-user storage quotas, but the Dovecot docs on per-user quota configuration say:

The Passwd userdb doesn’t support extra fields. That’s why you can’t directly set users’ quota limits to passwd file. One possibility would be to wr ...

I've recently updated to MB Supermicro X12STH-F, Intel Xeon 2388G and I can't make it sleep (OS Windows 10 Pro). It's a server motherboard and cpu, but my previous MB/CPU was also server and sleep was working fine. I read that some server motherboards don't support sleep, but all the cases were about servers with 8+ RAM modules. The justification was that stand-by power won't be enough to refresh all 8  ...

trying to configure Grafana to login with LDAP credential. The host is properly connected but can't login with ldap. I can see the search result from ldap host for my username (picture). Can anybody help here?enter image description here

I'm new to zoning using Cisco MDS (9250i) to a Cisco UCS and was shadowing one of my colleague. I noticed he used the WWPN of the Linux server output systool command. I logged in to the CIMC and compared the WWPN but they are different.

The zone to the target LUN worked, but I was just wondering if its the best practice?

If I used the WWPN of the physical server's fabric ports (from CIMC) rather tha ...

I’m trying to use a cronjob to run a shell script on my EC2 instance, which SSH’s to a server to get a mongodump of a database and restore at a given specific time without me having to login.

I’ve already ssh-copy-id id_rsa as well.

So after some research, this is my updated shell script (fake hosts for privacy reasons)

auth=`find /tmp -user $LOGNAME -type s -name "*agent*" -print 2>/dev/null`
S ...

I have been going on through many artciles to find solution to one of our issues.

We are trying to find solution to DNS recusrion.

We have 10 websites for which we have created Host A records but now the problem is other links for which A record does not exist it does not work, we want it to go outside and resolve through public DNS.

For Example we have zone name contoso.com and we have created 10 reco ...

I am using SOCAT linux command for relaying udp packets. Currently I am simulating using VMware.

I used sudo socat -T 10 UDP4-LISTEN:132,reuseaddr,fork UDP4:192.168.11.130:130,bind=192.168.11.131:133 command that listens on port 132 and forward udp traffic through forking a child process to 192.168.11.130:130 using 133 port (192.168.11.131 is the server address) and it is bi-directional. So if client1:c ...

I have a Nginx proxy server for a Node.js service which reads multiple files and generates a response. I want Nginx to add basic caches for me:

upstream my_http_servers {
    server 127.0.0.1:7001;
}

proxy_cache_path /var/cache/nginx-combo levels=1:2 keys_zone=my_cache:10m inactive=1w max_size=200m;

server {
    listen 80;

    proxy_cache my_cache;

    location / {

        # %%%%%%%%%%%%% SPEC ...

We host an App Service in our tenant (xyz.onmicrosoft.com), and I am using Azure Identity services for authentication. I want to grant access to the application to users in another Azure tenant (customerxyz.onmirosoft.com).

One possibility is to invite each user as a Guest to our tenant individually. Then assign them access to the Enterprise application.

Ideally, I would like to control access to th ...

I've configured my guacamole testing instance to the point where, when I enter a username and password at the prompt, I see an ldap bind request at my domain controller.

obviously that is not my real password

It then responds with invalidCredentials (49) and AcceptSecurityContext error, data 52e

I've read that error 49 means that the username may be correct but the password is incorrect. Well I  ...

My server is setup to use virtualmin for managing configurations. In trying to resolve a php issue when a wordpress plugin installation, I inadvertently broke the settings on my domains so they no longer use the individual php ini files in their subfolder, but instead all point back to the server's main php.ini file under /etc. I can't seem to find the apache or php configuration to revert the behavior  ...

I just added cloudfare to my website and website started showing weird errors after that which are automatically solved after refreshing the page 3-4 times. But after surfing the website, the same error gets showing in some other web page. This is the error:

Warning: mysqli_connect(): php_network_getaddresses: getaddrinfo failed: Name or service not known in public_html/phpConfigs/DBConfig.php on ...

localhost development server :

Server : Apache/2.4.46 (Unix) OpenSSL/1.1.1j PHP/8.0.3 mod_perl/2.0.11 Perl/v5.32.1

I'm sending etag & last modified response headers with php :

  "Connection    : close"
  "Content-Type  : text/html; charset=UTF-8"
  "Date          : ".gmdate("D, d M Y H:i:s")." GMT";
  "Last-Modified : ".$lastmod;
  "Etag          : ".$etag;
  "Expires       : 1" //can't have  ...

I had a problem with my server and my VPS provider only wanted to give me a backup of the VM disk in qcow2 format, he told me that I should virtualize and mount that and then get my data and take responsibility, now I find that I don't know how I can explore my files in that disk image had in the vm WHM and cpanel I need to recover those files.

Could I use virtualbox in windows or should I mount  ...

I am running Ubuntu Server 20.04 on an oracle cloud instance. In Ubuntu, When I type ip a it returns the following (showing only my private Oracle IP attached to the VNIC):

2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 0X:0X:1X:1X:1X:9X brd ff:ff:ff:ff:ff:ff
    altname enp0s3
    inet 10.0.0.119/24 brd 10.0.0.255 scope global en ...

I have a backup box using ZFS (on Ubuntu 20.04 LTS) where I use rsnapshot to back up a number of websites. These websites have a fair amount of duplicated data.

I have just enabled de-duplication of the ZFS volume, but I am at a loss as to how to de-duplicate the existing data - specifically as rsnapshot uses hard links, I don't know how I can rewrite the existing data to force deduplication to  ...

I am trying to trace packets using sniffer using (https://github.com/eldadru/ksniff) but I am unable to make out how to trace packets and check if cluster IP is in use for Nodeport SVC.

I have the following scenario:

app1_sts.yaml
===

apiVersion: apps/v1
kind: StatefulSet
metadata:
  labels:
    cluster: appcluster
  name: app1
  namespace: app
spec:
  selector:
    matchLabels:
      cluster: appclu ...

I have a problem with setting different grace period for each user

My setup:

1.Virtualbox 6.1

2.Fedora workstation 35

3.Extra partition created with fdisk utility for lab purposes.

Filesystem: ext4

Partition type: Linux

Partition size 2G

[root@fedora /]# lsblk
NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
sda      8:0    0   20G  0 disk 
├─sda1   8:1    0  1.5G  0 part /boot
├─sda2   8:2    0  ...

I've got a Dovecot/Postfix server running on a Raspberry Pi running Raspbian 10 (Buster) I have two domain names running on the same server which for privacy I'll call DOMAIN 1 and DOMAIN 2. Both have e-mail addresses associated with them, and both domains send and receive e-mail fine.

HOWEVER, whenever I try to check e-mail particularly with Outlook, I get a warning for DOMAIN 2 "The server you  ...

I have a domain name publicly connected to my home address, so I can access a webserver locally. For example: webserver.domain.com

But when trying to reach this from inside my home, I get on the web page of my router.

So I tried setting up a DNS server internally to be able to define static addresses with their internal IP address. For example: webserver.domain.com -> 192.168.0.10

When trying to use ...

I have the following topology

PfSense -> Nginx -> Webserver where my app is listening under port 8080

My NGINX configuration file looks like:

log_format  webapp_log_format  '$remote_addr - $remote_user [$time_local] "$request" '
                                '$status $body_bytes_sent "$http_referer" '
                                '"$http_user_agent" "$http_x_forwarded_for" '
                   ...

I'm trying to automate some of my processes when adding a new hyper-v vm. One of the steps I have to do manually is add the newly created and attached vhdx to the new virtual machine.

It shows up like this:

Is there a way to automate adding this new vhdx to the vm with a specific drive letter? The name of the vhdx is not the same every time.

I wanted to added that the host server is a hosted dedicat ...

I need to create a "dynamically allocated" hard disk file on virtual box but on creation dialog there is no option to it, there is only "Pre-allocated Full size" and "Split into 2GB parts" options on dialog as image below: VirtualBox disk creation dialog

Overall goal:

Block specific emails with have "a name" included in their FROM envelope. Example: John <[email protected]>

Current situation:

I have successfully configured the main.cf of Postfix to utilize check_sender_access in smtpd_recipient_restrictions.

I have created my own sender_access file, used postmap on it, so it generates sender_access.db, which is used then by main.cf.

My sender_a ...

Using MariaDB 10.7.3 via Homebrew on MacOS Monterey 12.6.1

While trying to recover the database after a system crash, I am stuck with the following situation.

[Note] mysqld (server 10.7.3-MariaDB) starting as process 41828 ...
[Warning] Setting lower_case_table_names=2 because file system for /opt/homebrew/var/mysql/ is case insensitive
[Note] InnoDB: !!! innodb_force_recovery is set to 1 !!!
[Note] I ...

I have a local server setup in my LAN with an always on openVPN client. Therefore the public ip address of this server is not the same as the public ip of the router it is connected to.

If I own a domain name, and add a DNS A record that points to the server's public ip, (ip set by vpn), then I access my web services with http://my-domain.com:<port>, how vulnerable to attacks is this connection?

I try to understand if thttpd support header because my webserver doesn't show the HSTS and I don't think he use it and I want that he will do.