Latest Server related questions

i have a simple ansible playbook that sets two ini variables.

- name: set Apache timeout
  community.general.ini_file:
    path: /etc/apache2/apache2.conf
    section: null
    option: Timeout
    value: 900
    state: present
    exclusive: true

- name: set Proxy timeout
  community.general.ini_file:
    path: /etc/apache2/apache2.conf
    section: null
    option: ProxyTimeout
    value: 900
    ...

I would like to put something in front of my apps and Cloud Compute in Google Cloud, in a way that when a HTTP request comes in for any app URL's I can send another request to another APP somewhere and then move on with the original request of the user.

What is the tool in Google Cloud to achieve that?

I have Nextcloud running with the following docker-compose.yml file and I use Plesk with nginx as a reverse proxy.

My problem is that the images are accessible without a login. I can open a image with the following url https://nc.mydomain.com/core/preview?fileId=30&x=2880&y=1800&a=true

I tried the nginx directives from the Nextcloud docker-compose example on Github. Problem here is it does ...

I've set an application to be used by a script, to login on exchange online on an unattended way, following this tutorial.

But when I try to login with it, I got the following outcome, there is a login sign in popup that its not supposed to show:

Note, I've that certificate installed in the same machine where I am running this script:

The way that I've used to create that certificate is the one step 3,  ...

I have disabled SSLv3 protocols in my postfix configuration, and outlook still tries to connect and I am getting error: SSL_accept:failed in SSLv3 read client key exchange A

My main.cf

smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_tls_mandatory_protocols  = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_protocols           = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_tls_protocols            = ! ...

Most of my SSD's report 512 as physical sector size when querying with smartctl, nvme-cli and hdparm. But we know these are all fake values. I would like to know the proper page size so I can get the optimal sector size for FS. However, I cannot find any information about it on system or on the product webpages. From only sources, most large SSDs' has sector size more than 4k, they intend to have 16k o ...

As I understand it, port scanning is an activity that can be a precursor to malicious activity, as one of the things it is used for is to scan for open ports that one can attack.

In that train of thought, why do sites like the following exist? Won't they get blacklisted by some web servers as a result?

• https://www.whatismyip.com/port-scanner/
• https://www.advanced-port-scanner.com/
• https://hidemy.name/en/ ...

This Ubuntu 22.04 installation is fairly new. Why firefox is trying to read .bashrc and many other files. Does this indicate a security breach?

[340664.822484] audit: type=1400 audit(1665738538.467:3862): apparmor="DENIED" operation="open" profile="snap.firefox.firefox" name="/home/chris/.bashrc" pid=232464 comm="pool-firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000

Lets say I got a sasl login user called myloginuser. The user owns the domain: example.org and has set up following email address: [email protected]

myloginuser is authenticated and wants to send an email.

His mail client is misconfigured and sets From: Sid Sample <[email protected]>

I want postfix to rewrite header to From: [email protected] <[email protected]> as a fallback in case the clien ...

I want to add a vpn configuration using the CLI:

pritunl-client add foo.tar

Unfortunately I do not have foo.tar, but only foo.ovpn. Adding foo.ovpn using the gui (pritunl-client-electron) works.

tar -cf foo.tar foo.ovpn is not sufficient :

> pritunl-client foo.tar 
panic: profile: Conf data missing
[...]

QUESTION: how do I create a tar file accepted by the cli from a ovpn accepted by the gui ...

I have a test case eBPF/AF_XDP test case which is supposed to take incoming ethernet packets from an interface, send them to user-space using an AF_XDP socket, filter them according to some criterion (for the moment I am accepting all packets), and send them into the Linux kernel for regular network stack processing using a tun/tap 'tun' interface.

To get the test case to go, you have to copy the ...

i have a problem with network drives. Users are working directly on files in network drive (mostly graphic files like .ai, .psd etc. from adobe). Drives are mapped via gpo from another server (shared folders on server b are mapped to users on server a). It doeasn't matter if file is large or small. The problem is that when they'are editing file it's lagging, u need to wait several second to scroll down, ...

0

I developed a web app that communicate with an external API in REST. Most of the time I have no problem, but a few times (1 or 2 times a day) I have my request which is timed out although the message I send is correct.

By analyzing with Wireshark, here is the error I get when a request is timed out : [TCP Retransmission][TCP Port numbers reused]

There's an error to upload an image, so you'll find the ...

this may be a stupid question, so I apologize in advance.

But how can I find out if an email is an o365 account or an exchange server. So for example [email protected].

With nslookup and set type=mx I get this below, but I can't find out what kind of account it is.

heizoele-sternath.at
Server: 10.221.255.1
Address: 10.221.255.1#53

Non-authoritative answer:
heizoele-sternath.at mail exchanger = ...

How to test that a Windows AD service account has been granted access to read from a SQL Server database server via Windows Authentication ?

This would need be an isolated test independent of any operations running within the Windows Service.

I set my main machine to run Ubuntu Server because my old Optiplex finally bit the dust (RIP). I'm trying to set up a virtual machine using Ubuntu Server as a host and just allocate resources as needed to a Windows 10 VM. To be specific, I want to access that VM directly at the machine, not remotely. How do I do that? Thanks very much for any help.

Based on what I learned from CS50x, each computer on the internet has its own unique public IP address. Some computers are used on the client-side to access websites, while other computers are used as servers that respond to requests (by providing data from their computers' databases, or more generally, fulfilling some "service(s)" for the client). When a client visits a website, they must make a request ...

My script is hosted on centos 7 apache server, with below htaccess:

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes
    </IfModule>

    RewriteEngine On

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Redirect Trailing Slashes If Not A ...

How to create file history/ restore from previous version so that can retrieve accidentally delete shared network folder or file

I am on a Raspberry Pi and have a service that wants to know how inaccurate (ie - number of seconds) the system time is if the system time is off by at least one minute. When Raspberry Pi starts up, NTP has already updated the time before my service has a chance to start. How would I accomplish this?

I have tried updating /etc/ntp.conf by enabling statsdir:

statsdir /var/log/ntpstats/
statistics lo ...

I have a .pem key file that i use to ssh to my ec2 server. I've moved this key file to an encrypted external SSD disk. This has caused the owner of the pem key to be set to 'everyone'.

When i try to use this key in cmd.exe i get the warning

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ ...

I've got an AWS API Gateway endpoint with a URL like this:

https://xxxxxxxxxx-vpce-09572222209cd2305.execute-api.us-west-1.amazonaws.com

I want to create an easy to remember alias for that name that I can use in my browser. I've already got an Nginx gateway that is redirecting to a number of other servers. So I just had to add a few lines to that machine's config: Here's what I'm doing right now: ...

What I'm trying to achieve:

(Clients)<IPSec Xauth PSK>(Server 1)<SSH-based SOCKS5>(Server 2) --> Free Internet

How is that possible for both UDP and TCP traffics?

What I've done:

I ran this on Server1:

ssh -N -D 1080 user@Server2:7999

I used gost for transparent proxying, and copy-pasted and modified a few lines of iptables script from their docs:

For TCP

gost -L "red://:12345?sniffing ...

I had a Dovecot and Roundcube server installed on the same machine, and Managesieve worked fine.

But I changed Rouncube to another server and I can't get managesieve to connect.

I already modified the managesieve configuration file indicating the IP of the Dovecot server, but in the rouncube log I see that it tries to connect to localhost, I don't understand...

Unable to connect to managesieve on local ...

Installed hestia with dovecot+exim4+roundcube. Setted up gzip by adding

  zlib_save = gz
  zlib_save_level = 6

in config.

Added loading module in imap conf. Im using thunderbird to read and sent messages but some messages in maildir were broken and thunderbird cannot finish downloading sent folder.

read /path/to/message failed. gz trailer has wrong CRC value at 8192 (read reason=mail stream)

UPDATE: Ye ...

Background: We are running a set of Ubuntu servers that gradually degrade until they reach a point of total unsuitability. What runs on those servers are solely Java Springboot services running on Java8, multiple of them on each server. Those servers run on top of EXSI and have an HaProxy balancer in-front of them to split the load in a roundrobin fashion.

The problem: Over time the System CPU us ...

I have two options:

I can connect my web app to a SQL server hosted on a virtual machine, or I can connect it to a dedicated SQL server instance. All will be hosted in the same zones in Azure / AWS e.g.

Now I want to write to this SQL server ten million times in a row in a foreach loop.

Will the dedicated SQL server instance perform better than the virtual machine or will it not make a difference?

I wonder if you can help me to configure rsyslog to write logs from different subnets to different locations, ie:

Log everything coming from subnet 192.168.1 to dir. /log/subnet1, from subnet 192.168.2 to /log/subnet2.

Problem is that i have already plenty preconfigured templates - for each message type. Tried to adjust below example but without joy.

$template PerHostAuthSub1,"/log/subnet1/%$YEAR%/%$MONT ...

Gentlemen ,

There’s a requirement for syslog server redundancy. Most of the syslog clients are network devices and appliances on which you can configure only one syslog server as destination. I been thinking about keepalived and virtual up shared between two syslog servers, so if one will be down, logs will be send to secondary server. All looks good on the paper. Anyone tried this? Will this  ...

I'm trying to configure password expiration warnings and access rejection with SSSD+LDAP by setting the following:

[domain/LDAP]
ldap_access_order=filter,expire
ldap_pwd_policy = shadow
ldap_access_order =  pwd_expire_policy_warn
ldap_user_shadow_expire=passwordExpirationTime
ldap_user_shadow_warning=pwmLastPwdUpdate
pwd_expiration_warning = 7

However I'm struggling with time formats: my LDAP server r ...