Latest Server related questions

A bit stuck here. Semi familiar with routing and semi familiar with linux. Just enough to be dangerous but apparently not enough to be dangerous enough.

Hoping someone can point me in the right direction here. I am pretty sure what I need to be implementing is Policy Routing.

I have 2 NICs (one onboard, and another a separate PCIe Wireless Card). I have connected both to my local network 192.168 ...

I have a Postfix (v2.10.1) mail server running on Oracle Linux 7.9 that forwards mail for LDAP user accounts via the ~/.forward files located in NFS mounted /home/ directories.

# postconf forward_path
forward_path = $home/.forward${recipient_delimiter}${extension}, $home/.forward

The system works as intended for all of the NFS accounts, but I have one account created locally with a home director ...

In my MySQL database, I've created two users, one regular user (who has privileges for one database) and one superuser. When I want to login via any of these accounts to phpMyAdmin I get a "Cannot log in to the MySQL server" error. (I'm accessing remotely)

Inside <Directory /usr/share/phpMyAdmin/> in my /etc/httpd/conf.d/phpMyAdmin.conf file:

<Directory /usr/share/phpMyAdmin/>
    AddDe ...

Feel free to give me a course correction. I'm out of my depth here.

I'm using openconnect to connect to a vpn. This creates a device tun0, which I can see when I run ip address. I've successfully added entries to my routing table with ip route add $IP_ADDR dev tun0 and been able to access servers on my vpn.

I want to try using this vpn connection as my default route, and I've seen other posts, such as ...

I need to be able to upload files to my server on a VM instance on Google Cloud. I was following this tutorial: https://www.youtube.com/watch?v=o_OQEydt3MI

• I've generated key via PuTTY key generator
• Key Comment: I've entered my Gmail address that I use to log in into Cloud console (without ...@gmail part, just like in tutorial)
• I've inserted my key passphrase
• In the instance details I've pasted my SSH k ...

I have a AWS EC2 instance, specifically a t3.2xlarge, that has windows server 2019 and SQL Server 2016 Standard installed(license came from the instances, through AWS), I'd like to upgrade my server to SQL Server 2019. When I download and run SQL Server 2019 I'm prompted for a product key to upgrade my instance:

The product key is not pre-populated with the key of the original instance(2016). How do I lo ...

I've been puzzled by this problem for a few months now. My website loads fine in http, but when it uses https, only the images don't load. I see this error in the console.

Failed to load resource: the server responded with a status of 403 (Forbidden)      /images/:1

My server configuration looks like this.

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enable ...

mod_authnz_ldap can accept only one attribute according to the docs. Is there a strategy to check first UPN, then samaccountname using mod_authnz_ldap? Or is there an alternate module that can do this? And looking for two attributes is there a way to control what gets returned? My PHP developer grabs the name post login to select the account in the app database. Company employees need to use the UPN, bu ...

nft is causing me endless headaches, no matter how I tweak the policy, I still cannot get it to function.

The concept I have in mind :

• One "base" chain where common rules live (e.g. allow ssh etc.)
• One or more application specific where daemon specific rules live (e.g. http server chain)

I have tried many different permutations of rules, but I can never get both "base" + daemon traffic flowing, ...

Our software requires the business users (of the software) to have read and write access to the database (MS SQL Server). The users are added to an active directory group with this SQL permission. The business users also want to query the database as read only in SQL Server Management Studio. Is there a way that the user can have read write access to the database from the software and read only from the ...

I see in my mediatemple server maillog endless intrusion. i need to block these ips. who can help with filter file to match these?

Jan 21 07:51:44 mydomain postfix/smtpd[23505]: SSL_accept error from unknown[185.7.214.188]: -1
Jan 21 07:51:44 mydomain postfix/smtpd[23505]: warning: TLS library problem: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:647:
Jan 21 07:51 ...

my issue: I have a process creating more than 10k TCP-Connection to the same destination IP&Port per second. After a short period of time, no new connections can be created any more, as there are no more source ports available.

I already tried to mitigate this by setting net.ipv4.ip_local_port_range and net.ipv4.tcp_fin_timeout but it did not solve the issue.

Now my thought was: If I could tell the  ...

For example i used next commands:

ip address add IP dev interface

IP route add default via IP dev interface

and if I reboot Debian then the settings are just reset. I used command iptables-save, it didn't work, it could not save it.

I have an nginx server behind a load balancer, the nginx server passes requests on to a variety of services, but in this case a docker container running apache. The load balancer sets an X-Forwarded-For correctly, but by the time it gets to the docker container, X-Forwarded-For has been set to the LB IP.

I have this in nginx config:

/etc/nginx/conf.d/real_ip.conf
set_real_ip_from {{LB IP}};
real_ip_he ...

I cannot install update KB5009557 (Windows Server 2019, Version 1809, Build 17763.1339) as it fails with error code 0x800f0986.

Both, online update and WSUS, are not successful.

I read several discussions about this error but first of all I would like to understand the error code. The only information I found is a support article from Microsoft where 0x800f0986 is described as

0x800f0986 PSFX_E_AP ...

I have a directory (foo/uploads), which contains 1 file: file1.txt

I have created a symlink to this directory (bar/uploads)

Here is my .htaccess file inside bar:

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]

And this is my vhost file:

<VirtualHost *:80>
    ServerName bar.com
    DocumentRoot /var/www/bar

    <Directo ...