Latest Server related questions

Score: 0
Aidvi avatar
Setting apache2.conf variables with Ansible issue
bh flag

i have a simple ansible playbook that sets two ini variables.

- name: set Apache timeout
  community.general.ini_file:
    path: /etc/apache2/apache2.conf
    section: null
    option: Timeout
    value: 900
    state: present
    exclusive: true

- name: set Proxy timeout
  community.general.ini_file:
    path: /etc/apache2/apache2.conf
    section: null
    option: ProxyTimeout
    value: 900
    ...
Score: 0
renanleandrof avatar
Google Cloud: what tool to use to split a request?
ck flag

I would like to put something in front of my apps and Cloud Compute in Google Cloud, in a way that when a HTTP request comes in for any app URL's I can send another request to another APP somewhere and then move on with the original request of the user.

What is the tool in Google Cloud to achieve that?

Score: 0
BenRoe avatar
Nextcloud with Docker Compose behind reverse proxy (nginx) with proxy_pass (leaking images)
cn flag

I have Nextcloud running with the following docker-compose.yml file and I use Plesk with nginx as a reverse proxy.

My problem is that the images are accessible without a login. I can open a image with the following url https://nc.mydomain.com/core/preview?fileId=30&x=2880&y=1800&a=true

I tried the nginx directives from the Nextcloud docker-compose example on Github. Problem here is it does ...

Score: 2
marafado88 avatar
Connect-IPPSSession with CertificateThumbPrint cmdlet showing sign in popup
in flag

I've set an application to be used by a script, to login on exchange online on an unattended way, following this tutorial.

But when I try to login with it, I got the following outcome, there is a login sign in popup that its not supposed to show:

enter image description here

Note, I've that certificate installed in the same machine where I am running this script:

enter image description here

The way that I've used to create that certificate is the one step 3,  ...

Score: 0
rokkotnik avatar
Outlook defaults to SSLv3 after windows update
cn flag

I have disabled SSLv3 protocols in my postfix configuration, and outlook still tries to connect and I am getting error: SSL_accept:failed in SSLv3 read client key exchange A

My main.cf

smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_tls_mandatory_protocols  = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_protocols           = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_tls_protocols            = ! ...
Score: 3
how to find page size of my SSD?
de flag

Most of my SSD's report 512 as physical sector size when querying with smartctl, nvme-cli and hdparm. But we know these are all fake values. I would like to know the proper page size so I can get the optimal sector size for FS. However, I cannot find any information about it on system or on the product webpages. From only sources, most large SSDs' has sector size more than 4k, they intend to have 16k o ...

Score: 0
John Doe avatar
Will a web server get blacklisted for port scanning?
in flag

As I understand it, port scanning is an activity that can be a precursor to malicious activity, as one of the things it is used for is to scan for open ports that one can attack.

In that train of thought, why do sites like the following exist? Won't they get blacklisted by some web servers as a result?

Score: 0
chrislamp avatar
Why Firefox is trying to access .bashrc?
pg flag

This Ubuntu 22.04 installation is fairly new. Why firefox is trying to read .bashrc and many other files. Does this indicate a security breach?

[340664.822484] audit: type=1400 audit(1665738538.467:3862): apparmor="DENIED" operation="open" profile="snap.firefox.firefox" name="/home/chris/.bashrc" pid=232464 comm="pool-firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Score: 0
TomGrill Games avatar
Postfix: Rewrite header FROM sender based on sasl login username
cn flag

Lets say I got a sasl login user called myloginuser. The user owns the domain: example.org and has set up following email address: [email protected]

myloginuser is authenticated and wants to send an email.

His mail client is misconfigured and sets From: Sid Sample <[email protected]>

I want postfix to rewrite header to From: [email protected] <[email protected]> as a fallback in case the clien ...

Score: 0
Laurent Claessens avatar
pritunl-client (cli): create the tar from ovpn
by flag

I want to add a vpn configuration using the CLI:

pritunl-client add foo.tar

Unfortunately I do not have foo.tar, but only foo.ovpn. Adding foo.ovpn using the gui (pritunl-client-electron) works.

tar -cf foo.tar foo.ovpn is not sufficient :

> pritunl-client foo.tar 
panic: profile: Conf data missing
[...]

QUESTION: how do I create a tar file accepted by the cli from a ovpn accepted by the gui ...

Score: 0
Chris Ward avatar
Reply IP packets lost when using eBPF and AF_XDP --- where do they go?
US flag

I have a test case eBPF/AF_XDP test case which is supposed to take incoming ethernet packets from an interface, send them to user-space using an AF_XDP socket, filter them according to some criterion (for the moment I am accepting all packets), and send them into the Linux kernel for regular network stack processing using a tun/tap 'tun' interface.

To get the test case to go, you have to copy the ...

Score: 0
Raloseq avatar
Working directly on network drives cause lags
pe flag

i have a problem with network drives. Users are working directly on files in network drive (mostly graphic files like .ai, .psd etc. from adobe). Drives are mapped via gpo from another server (shared folders on server b are mapped to users on server a). It doeasn't matter if file is large or small. The problem is that when they'are editing file it's lagging, u need to wait several second to scroll down, ...

Score: 0
Serial42 avatar
REST requests to an API falls in timeout randomly
aq flag

0

I developed a web app that communicate with an external API in REST. Most of the time I have no problem, but a few times (1 or 2 times a day) I have my request which is timed out although the message I send is correct.

By analyzing with Wireshark, here is the error I get when a request is timed out : [TCP Retransmission][TCP Port numbers reused]

There's an error to upload an image, so you'll find the ...

Score: 0
Legion avatar
Exchange or o365
im flag

this may be a stupid question, so I apologize in advance.

But how can I find out if an email is an o365 account or an exchange server. So for example [email protected].

With nslookup and set type=mx I get this below, but I can't find out what kind of account it is.

heizoele-sternath.at
Server: 10.221.255.1
Address: 10.221.255.1#53

Non-authoritative answer:
heizoele-sternath.at mail exchanger = ...
Score: 0
BaltoStar avatar
How to test Windows Service Account can login to SQL Server database?
de flag

How to test that a Windows AD service account has been granted access to read from a SQL Server database server via Windows Authentication ?

This would need be an isolated test independent of any operations running within the Windows Service.

Score: 0
Joseph Ngechu avatar
How can I view the gui for a virtual machine on Ubuntu Server?
um flag

I set my main machine to run Ubuntu Server because my old Optiplex finally bit the dust (RIP). I'm trying to set up a virtual machine using Ubuntu Server as a host and just allocate resources as needed to a Windows 10 VM. To be specific, I want to access that VM directly at the machine, not remotely. How do I do that? Thanks very much for any help.

Score: 0
Matthew avatar
How does DNS work with websites that have large traffic and multiple servers?
lr flag

Based on what I learned from CS50x, each computer on the internet has its own unique public IP address. Some computers are used on the client-side to access websites, while other computers are used as servers that respond to requests (by providing data from their computers' databases, or more generally, fulfilling some "service(s)" for the client). When a client visits a website, they must make a request ...

Score: 0
ktiwari avatar
Nginx equivalent for apache mod_rewrite rule
zw flag

My script is hosted on centos 7 apache server, with below htaccess:

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes
    </IfModule>

    RewriteEngine On

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Redirect Trailing Slashes If Not A ...
Score: -1
OSS IT avatar
How to create file history/ restore from previous version so that can retrieve accidentally delete shared network folder or file
tm flag

How to create file history/ restore from previous version so that can retrieve accidentally delete shared network folder or file

enter image description here

Score: -1
icu222much avatar
How to determine if NTP has updated the time
us flag

I am on a Raspberry Pi and have a service that wants to know how inaccurate (ie - number of seconds) the system time is if the system time is off by at least one minute. When Raspberry Pi starts up, NTP has already updated the time before my service has a chance to start. How would I accomplish this?

I have tried updating /etc/ntp.conf by enabling statsdir:

statsdir /var/log/ntpstats/
statistics lo ...
Score: 1
Maurice avatar
Why do i need to restrict permissions on a PEM key?
ua flag

I have a .pem key file that i use to ssh to my ec2 server. I've moved this key file to an encrypted external SSD disk. This has caused the owner of the pem key to be set to 'everyone'.

When i try to use this key in cmd.exe i get the warning

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ ...
Score: 0
CryptoFool avatar
Any way Nginx can resolve a CNAME (or look up a URL elsewhere) and then redirect to the result?
cn flag

I've got an AWS API Gateway endpoint with a URL like this:

https://xxxxxxxxxx-vpce-09572222209cd2305.execute-api.us-west-1.amazonaws.com

I want to create an easy to remember alias for that name that I can use in my browser. I've already got an Nginx gateway that is redirecting to a number of other servers. So I just had to add a few lines to that machine's config: Here's what I'm doing right now: ...

Score: 0
Masood Lapeh avatar
Double Proxy: IPSec to Server1 then SSH to Server2
cy flag

What I'm trying to achieve:

(Clients)<IPSec Xauth PSK>(Server 1)<SSH-based SOCKS5>(Server 2) --> Free Internet

How is that possible for both UDP and TCP traffics?

What I've done:

I ran this on Server1:

ssh -N -D 1080 user@Server2:7999

I used gost for transparent proxying, and copy-pasted and modified a few lines of iptables script from their docs:

For TCP

gost -L "red://:12345?sniffing ...

Score: 0
Carlos Torres Hanna avatar
Managesieve Rouncube no connect to the server
cv flag

I had a Dovecot and Roundcube server installed on the same machine, and Managesieve worked fine.

But I changed Rouncube to another server and I can't get managesieve to connect.

I already modified the managesieve configuration file indicating the IP of the Dovecot server, but in the rouncube log I see that it tries to connect to localhost, I don't understand...

Unable to connect to managesieve on local ...

Score: 0
Павел Шаффер avatar
Dovecot gz trailer has wrong CRC
lu flag

Installed hestia with dovecot+exim4+roundcube. Setted up gzip by adding

  zlib_save = gz
  zlib_save_level = 6

in config.

Added loading module in imap conf. Im using thunderbird to read and sent messages but some messages in maildir were broken and thunderbird cannot finish downloading sent folder.

read /path/to/message failed. gz trailer has wrong CRC value at 8192 (read reason=mail stream)

UPDATE: Ye ...

Score: 0
Bobby avatar
Why does System CPU usage degrade so much
mk flag

Background: We are running a set of Ubuntu servers that gradually degrade until they reach a point of total unsuitability. What runs on those servers are solely Java Springboot services running on Java8, multiple of them on each server. Those servers run on top of EXSI and have an HaProxy balancer in-front of them to split the load in a roundrobin fashion.

The problem: Over time the System CPU us ...

Score: 0
jamheadart avatar
Connecting to SQL server on a virtual machine is more computationally expensive than a dedicated SQL instance?
cn flag

I have two options:

I can connect my web app to a SQL server hosted on a virtual machine, or I can connect it to a dedicated SQL server instance. All will be hosted in the same zones in Azure / AWS e.g.

Now I want to write to this SQL server ten million times in a row in a foreach loop.

Will the dedicated SQL server instance perform better than the virtual machine or will it not make a difference?

 ...
Score: 0
MrBuzz73663 avatar
Rsyslog server logging different subnets to different locations
kz flag

I wonder if you can help me to configure rsyslog to write logs from different subnets to different locations, ie:

Log everything coming from subnet 192.168.1 to dir. /log/subnet1, from subnet 192.168.2 to /log/subnet2.

Problem is that i have already plenty preconfigured templates - for each message type. Tried to adjust below example but without joy.

$template PerHostAuthSub1,"/log/subnet1/%$YEAR%/%$MONT ...
Score: 1
MrBuzz73663 avatar
Syslog server redundancy
kz flag

Gentlemen ,

There’s a requirement for syslog server redundancy. Most of the syslog clients are network devices and appliances on which you can configure only one syslog server as destination. I been thinking about keepalived and virtual up shared between two syslog servers, so if one will be down, logs will be send to secondary server. All looks good on the paper. Anyone tried this? Will this  ...

Score: 0
Rubycon avatar
Password expiration with sssd
cn flag

I'm trying to configure password expiration warnings and access rejection with SSSD+LDAP by setting the following:

[domain/LDAP]
ldap_access_order=filter,expire
ldap_pwd_policy = shadow
ldap_access_order =  pwd_expire_policy_warn
ldap_user_shadow_expire=passwordExpirationTime
ldap_user_shadow_warning=pwmLastPwdUpdate
pwd_expiration_warning = 7

However I'm struggling with time formats: my LDAP server r ...

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.