Latest Server related questions

Score: 0
andrew avatar
why linux cloned VM has not assigned IP from original VM network profil?
in flag

Using VC7. Any idea why cloned linux VM after start has no IP assigned ? Only solution is use customize OS during Clone.... As I understood "Clone VM" should copy whole VM. FYI: original VM was powered off, so no IP conflict there, and new VM eth link was UP. And original VM used static IP

Score: 0
Mr Pro avatar
How do I block outgoing SYN packets on my Ubuntu 18 server?
cn flag

I have an Ubuntu 18 server which is being used as a VPN server ( V2RAY ) . My VPS provider ( OVH ) has sent me this abuse report :

2022.10.22 12:40:47 CEST 51.91.11.***:53258 8.8.8.8:443 TCP SYN 60 ATTACK:TCP_SYN
2022.10.22 12:40:47 CEST 51.91.11.***:43752 157.240.21.63:443 TCP SYN 60 ATTACK:TCP_SYN
2022.10.22 12:40:47 CEST 51.91.11.***:49242 179.60.192.52:443 TCP SYN 60 ATTACK:TCP_SYN
2022.10.22 1 ...
Score: 0
isi_ko avatar
Bind9 Returning SERVFAIL for custom Zones
li flag

I'm trying to setup a DNS-Server for my Domains using Bind. The Server behaves correctly for noncustom Domains like google.com or github.com, but for my domains it always returns "SERVFAIL". I've already checked the zone file using named-checkzone which returns "OK".

My Zone config (defined in named.conf.local):

zone "michlfranken" {
  type master;
  file "/var/cache/bind/db.isiko404.dev";
};

My Option ...

Score: 0
Luis Usquiano avatar
SETTING UP A SSTP VPN SERVER (cannot establish the connection)
tc flag

Today I wanted to do some labs of SSTP Windows Server VPN. What I have done so far, it’s to build a Windows server 2019 as a Domain Controller and as a Certificate Authority.

From my CA I have created a self-signed server certificate in order to install it on my Windows Desktop Client

I have well prepared my server installing Routing and Remote Access role

On the tab "Security" (from properties) I ha ...

Score: 3
How to properly secure user's folders?
cn flag

On a file server, a base folder contain user's folders:

enter image description here

 

This base folder is protected against user's actions (deletion, rename, dump of files, etc), users can only read and traverse it:

enter image description here

 

To protect each user's root folder, I explicitly deny them the right to delete their own folder:

enter image description here

 

This imply to add a deny on each folder.
Doing it on the base folder does not work: deny to the group Users

Score: 3
guettli avatar
Forwarding to Gmail account via Postfix: SPF record with a hard fail
cn flag

I run a Postfix server which forwards one address to a gmail address.

# /etc/aliases
localuser: [email protected]

This works since several months. But if a sender has a SPF record with a hard fail, then the forwarding does not work:

  gmail-smtp-in.l.google.com[ said: 550-5.7.26 The
    MAIL FROM domain [example.com] has an SPF record with a hard fail 550-5.7.26
    policy (-all) but it f ...
Score: 0
Marc Antoine avatar
The nsupdate not updating the records
ps flag

nsupdate not update the records. Try to find where I'm wrong but I can't.

> server 192.168.1.117
> update delete _kerberos-master._tcp.example.com. SRV
> update add _kerberos-master._tcp.example.com. 3600 IN SRV 0 100 88 idmserver1.example.com.
> update delete _kerberos-master._udp.example.com. SRV
> update add _kerberos-master._udp.example.com. 3600 IN SRV 0 100 88 idmserver1.exampl ...
Score: 1
Mikha avatar
kube-apiserver started to die on start-up after a few months of good work - how can I check its logs?
cn flag

The stage: a control plane machine, kubernetes 1.24.3 on a baremetal Ubuntu 22.04, installed with kubeadm, there is also one worker node. The whole set-up worked like a charm for 4 months until some unknown silent kaboom yesterday (I actually don't exclude a sudden hardware issue)

The problem: port 6443 is listed by netstat for the first few minutes after the control plane machine start-up, and t ...

Score: 1
Chaos avatar
Linux instance vs Windows instance - different behaviour in an AWS private subnet routing traffic through a NAT
mx flag

I'm experimenting with a NAT gateway vs a Squid proxy in an EC2 instance (both of these placed in the same public subnet). To test connectivity, I'm using a private subnet to access the internet (once using a Linux instance, and then again using a Windows instance). The actual switch (squid vs NAT) is being done in the route table entry.

In other words, I test the following 4 combinations:

  1. Linux instanc ...
Score: 1
Trent avatar
Suricata Logged my Server Reaching Out to Known Abusive IP
wf flag

I recently installed Suricata as an Intrusion Detection System on my Ubuntu-22.04 server. I setup Suricata following a tutorial on digital ocean (https://www.digitalocean.com/community/tutorials/how-to-install-suricata-on-ubuntu-20-04), using the default ruleset.

Early in the morning Suricata generated and logged an Alert, showing that my server reached out to a known abusive IP address via SSH.

Score: 1
devGuru avatar
Possible STP Issue with Cisco SG350 Switches
mg flag

we are having a weird issue with a network of Cisco SG350 Switches that I cannot figure out. We are thinking it may be related to STP but have verified all the normal problem points (i.e. proper ports are showing as Root / SmartPort disabled / etc)

Here is the network diagram: Cisco SG-250 Network Diagram

As you can see, we have 5 Cisco SG350 switches, all in a parallel daisy chain, except switch ...

Score: 1
BaltoStar avatar
Windows test network folder permissions for another account
de flag

How to test that an account other than login account has access to a network folder ?

Here's an example :

I'm logged in as steves but I need to test if joej has access to :

\\contoso\dept\finance\payroll\taxes\
Score: 1
Edwin Drood avatar
Ubuntu 22.04 Jammy netplan goes missing
er flag

I would like to know if anybody experienced this. I am running the server cli version of Ubuntu 22.04.
After running apt, I see a message saying to run apt autoremove. (I did this) I also got a message about a kernel update and to reboot (I rebooted) Network never came up.

It did not take me long to realize that the iproute2 package and the netplan.io package were both gone. (both the ip and n ...

Score: 0
simona avatar
Saving ssh password with password manager
us flag

I am a user of a server with 2 level password authentication (keys+password). My passphrase for the keys is stored in the mac OS keyring app, but I cannot find a way to save my password.

I have read that it is possible to configure putty-tools in a way that the password is read from the keyring app.

Otherwise I would like to use any other method to use the password stored in the keyring.

Score: 0
Max avatar
How to setup PPTP on a remote Ubuntu server with static and only one network interface?
in flag
Max

I am trying to setup PPTP server on a remote dedicated server with only one static IP and on network interface and I am very confused about how to enable, I have no subnet on the dedicated server it is directly connected to the internet with an static IP, can anyone please illuminate me on this ?

Score: 1
Pablo avatar
How to upgrade mattermost running with docker?
cn flag

I'm hosting mattermost-6.3 via docker. I followed this documentation https://docs.mattermost.com/install/install-docker.html and cloned the repository https://github.com/mattermost/docker then I copied generated the .env file (from env.example) and with docker-compose -f docker-compose.yml -f docker-compose.without-nginx.yml up -d mattermost is up and running.

So far so good, but now I'd like to do  ...

Score: 0
How can I find the full list of acceptable `boot=` option of kernel?
de flag

I usually see options like boot=casper or boot=live. However, I cannot find anything describe the actual meaning of this option and I cannot find any piece of code handle this option at all. From kernel documents it said:

Parameters denoted with BOOT are actually interpreted by the boot loader, and have no meaning to the kernel directly.

So I guess this option is actually handled by whatever bootl ...

Score: 0
Legal avatar
High iowait on Ubuntu - having issues
fo flag

I have a server with Ubuntu 20.04 that ran without problems for a while. However, since a week ago, problems started to arise as everything became slow. On the server I run Virtualizor with a number of VM (VPS) servers.

It looks like everything is so slow because of high iowait. The server runs 3x a Samsung 870 QVO 1TB SSD. Can someone explain why there is such high iowait and how to solve it?

Comma ...

Score: 0
Anderson Silvestre avatar
Windows 10 Doesn't connect with Samba4 server
tn flag

I'm facing a problem with my samba server. I had a Samba server but it was a very old configuration so I have reinstalled the OS (Debian 5.10.140-1) and the Samba (Samba version 4.13.13). But now all the computers with Win10 cannot connect in the server. I get the message:

The device or resource (nameServer) is not configured to accept connections on the "File and Printer Sharing (SMB)" port.

I Have tr ...

Score: 0
user8749042 avatar
Best practices for PHP ini settings for large wordpress site?
be flag

I own a large wordpress site that gets

  • 500k+ visitors
  • 30+ plugins (some heavy)
  • server with 128 GB RAM

Wondering if there are "best practices" for php.ini settings for larger sites on Linux? I think my host may be cutting corners to save bandwidth, but I'm not 100% sure where to start on php ini settings.

Score: 0
Artem S. Tashkinov avatar
MariaDB replication lagging up to a dozen times a day for no obvious reasons
in flag

We first set up MariaDB replication using less powerful servers but considering our increased database load we had to rent more powerful servers and that's when the troubles began.

Right now the replication between the master and slave occasionally lags between 0 and 1000 seconds for reasons which we've not been able to identify. This happens on average a dozen times a day. Considering the nature ...

Score: 0
Gilberto Martins avatar
PTR registers for CNAMEs
cn flag

In my bind9 DNS server, I have my servers described like this:

[...]
prd1frm201      IN      A       172.21.10.2
dns             IN      CNAME   prd1frm201.kprd1.
ntp             IN      CNAME   prd1frm201.kprd1.

prd1frm202      IN      A       172.21.10.3
sentry          IN      CNAME   prd1frm202.kprd1.

[...]

And the reverse is defined like:

[...]
3                       IN PTR  prd1frm202.kp ...
Score: 0
DanRan avatar
Nginx FastCGI Error in logs: 38 FastCGI sent in stderr: "PHP message: PHP Warning: hash_equals(): Expected known_string to be a string
mx flag

I am running a LEMP server (Ubuntu 20.04 server) with fast cgi enabled, and am getting the following error message in the logs for one of my virtual hosts (one of my websites). Here is the full error with my website and IP address redacted:

[error] 2041#2041: *38 FastCGI sent in stderr: "PHP message: PHP Warning:  hash_equals(): Expected known_string to be a string, null given in /var/www/example.c ...
Score: 0
Gajus avatar
How to limit service availability based on CPU usage?
us flag

My Pods are allocated 1000m CPU. I would like to make Pod not-Ready when CPU usage is over 900m or 90% of the allocated resources.

Is there a configuration for this or do I need to implement a check in my application that would signal readiness based on the CPU usage?

Score: 0
Zek avatar
NGINX CentOS8 Server Block Configuration Issue
cf flag
Zek

I'm facing below issue when i need to activate server block from nginx.conf. Can you check it with me please?


sudo systemctl status nginx.service

● nginx.service - nginx - high performance web server

Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Fri 2022-10-21 18:28:13 +03; 11s ago Docs: http://nginx.org/en/docs/  ...

Score: 0
Josh avatar
How to pass remote server ip as header in haproxy tcp tunnel with accept-proxy enabled?
ae flag

I need to a variable for haproxy that is the actual remote ip while still using accept-proxy, like http-response set-header Upstream-Server %[req.real_ip]. %[src] does not work and sends the client ip from the proxy protocol if accept-proxy is active.

I have a setup like this:

  1. haproxy load balancers
  2. haproxy ddos protection servers
  3. nginx proxying to PHP web applications

1 accepts public Internet HTTP/ ...

Score: 0
nXn avatar
Ubuntu Apache Redirect All Request to HTTPS except Jenkins
ck flag
nXn

I am creating a configuring a Server using Ubuntu and Apache. Everything works fine except that when I use redirection of HTTP to HTTPS.

How can I write an exception case where every http request is redirected to HTTPS except when its for JENKINS.

JENKINS : http://www.example.com:8080/ <= Should not be redirected to HTTPS Normal Request : http://www.example.com/ <= Should be redirected to HTTPS

 ...
Score: 0
Legal avatar
High iowait causing problems
fo flag

Since a week I've been suffering from a server with VPS servers that is very slow and has a lot of IOWAIT. Can someone explain or tell what is causing this problems?

Command: iotop -aoP

  PID  PRIO  USER     DISK READ  DISK WRITE  SWAPIN     IO>    COMMAND
 338273 be/4 root          0.00 B      0.00 B  0.00 % 33.41 % [kworker/u130:0-events_unbound]
 344858 be/4 root          0.00 B      0.00 B   ...
Score: 0
alex.bour avatar
Nginx+Passenger error log, Checking whether to disconnect long-running connections for process
br flag

I found these errors in my Nginx error logs. I use a dedicated server (Ubuntu) with 2 websites/apps (running also a sync engine with APIs)

[ N 2022-10-21 11:40:55.2857 5800/T3 age/Cor/CoreMain.cpp:1147 ]: Checking whether to disconnect long-running connections for process 5969, application /home/admin/rails/prod/current (production)
[ N 2022-10-21 11:46:38.3071 5800/T3 age/Cor/CoreMain.cpp:1147 ]:  ...
Score: 0
glenatron avatar
Nginx running site out of wrong folder
cn flag

On my Debian 10 VPS I have a MediaWiki deployment that I'm hosting on wiki.myorg.com stored on the filesystem using a soft link to manage versions like this:

/var/www/mediawiki/1.34.4
/var/www/mediawiki/1.38.2
/var/www/wiki -> /var/www/mediawiki/1.38.2

Then in nginx.conf I have the configuration pointing the home directory of the site:

server {                                                       ...

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.