Join Log in

Latest Server related questions

Score: 0
NAT with masquerade on different interfaces that access different network with Nftables
br flag
Maeln

I have a server that is connected to two network :

  • 10.0.0.0/24 through an interface wlan0
  • 192.168.1.0/24 through an interface eth0

I want to setup a Wireguard VPN to make both network accessible from outside. I activated ip forwarding in my config (with sysctl). Now I need to setup a NAT in order to route my requests from the VPN server through the two local network. I use nftables to setup the NAT ...

Server networking debian nftables
Score: 0
openldap / slapd return the error : "daemon: listen(ldap://my.server1.org, 5) failed errno=98 (Address already in use)"
cn flag
user161458

I am trying to set up a master master replication between two openldap servers. To do so, the first steps make me configure theses two files :

  • /etc/hosts, need to contain the DNS of the baseDN of the servers (itself and the second server) :
192.168.150.1 my.server1.org
192.168.150.2 my.server2.org
  • /etc/default/slapd, need to contain the server own FQDN to match the future serverID to the URI :
    •  ...
Server openldap ldap slapd
Score: 0
Christine Cooper avatar
Optimize PHP-FPM options for performance
gb flag
Christine Cooper

PHP-FPM is great for heavy-loaded sites, but it is not clear how to configure it properly for performance.

In the PHP-FPM Pool options, we have fields:

Max Requests (default: 20)

Max Children (default: 5)

Process Idle Timeout (default: 10)

How do we optimize these settings for best performance?

In my example, I set these to:

Max Requests: 350
Max Children: 35
Process Idle Timeout: 100

But received c ...

Server optimization php-fpm
Score: 0
zfs-import@pool.service fails to start at boot
mx flag
Peter

I just installed proxmox(7.1-2), setup a zfs pool and added a NFS share.

But on every boot the service zfs-import@asgard.service fails to start, but if I look in the /asgard directory everything seems fine?

I am fairly new to Proxmox, Linux and ZFS so I hope I have gathered all the logs that can be of use, if not just tell me what more could be of interest.

root@proxmox:~# systemctl --failed
  UNI ...
Server linux zfs debian proxmox zfsonlinux
Score: 0
Maestro223 avatar
CPU Limiting & kswapd0 Advice Saught
cn flag
Maestro223

Through hours of testing, I have found that the nextcloud desktop sync client for ubuntu 20.04 (appimage or ppa) both seem to have a bug to where... if a common nextcloud file sync error occurs , kswapd0 spikes to 100% of CPU and the swapfile on Debian 10.5 server becomes completely filled. (clamscan also spikes 45% to 100% during kswapd0's climb to 100% of CPU). My other sync clients do not cause this ...

Server swap cpu-usage
Score: 0
user2798081 avatar
Change Redis Sentinel offered port
eg flag
user2798081

I have set up three Redis servers using Bitnami Docker images. Both plain and TLS ports have been configured for Redis and Sentinel. How does Sentinel determine which Redis Master port (TLS or plain) should present to the client? Is there any configuration for this?

Environment: 3 x "Ubuntu 20.04 LTS" servers, Redis & Sentinel 6.2 containers installed on all servers.

Server redis redis-sentinel bitnami
Score: 1
Rohan avatar
Is nginx affected by the log4j 0 day exploit found recently?
us flag
Rohan

Trying to learn more about the recently discovered 0 day exploit

This is a list of affected software I found -> https://github.com/NCSC-NL/log4shell/tree/main/software

It only says nginx in a note for F5.

If I am using an Ubuntu server with nginx to serve files over the internet, do I need to worry?

Server nginx log4j
Score: 1
FLYFLY avatar
About MPLS label range
fr flag
FLYFLY

In most routers or switches that support MPLS, if transit label and uhp LSP label need to have a different label range? when protocol(LDP or BGP) assign labels, I know that VPN label and LSP tunnel label have different range, but I'm not very clear if transit label and termination LSP label have different label range?

Server vpn router switch bgp mpls
Score: 1
Shalabh Goel avatar
Limit user scope to a project in openstack
in flag
Shalabh Goel

I have an openstack victoria cloud setup. I am using default policy of keystone and have not made any changes to that policy.

I have created a test user names testuser in openstack. I assigned it primary project as testproject and admin role. But when I login as testuser, I am able to access the admin project as well. Its like my scope is not limited to testproject.

According to the documentation

Server openstack openstack-keystone
Score: 1
DHCPv6 fixed assigment
cn flag
Marlon Goncalves

Trying to assign fixed ipv6 addresses to my coreos master and worker nodes from my Centos in order to have dual stack running on the cluster. However I am having a hard time getting it to assign the fixed ip addresses that I am hard-coding in the dhcp6.conf file as follows:

[root@ocp-svc ~]# cat /etc/dhcp/dhcpd6.conf
#
# DHCPv6 Server Configuration file.
#   see /usr/share/doc/dhcp-server/dhcpd6.conf. ...
Server ipv6 dhcpd
Score: 1
MrCarrot avatar
Increase PHP's upload_max_filesize in Apache
cn flag
MrCarrot

I have a Laravel app and I need to increase PHP's upload_max_filesize, but rather than do this for the entire app I wanted to apply it to a specific route/location. I am running Apache 2.4.

In the past with something like WordPress I would put this in the Apache virtual host configuration:

<Directory /www/website.com/public/wp-admin>
php_admin_value upload_max_filesize 30M
</Directory>
 ...
Server mod-rewrite apache-2.4 laravel
Score: 0
Domain anti-theft best-practices
ie flag
DDD

a big company is trying to find the best way to protect its domain.

What is the best practice to solve the following concerns:

  1. The account at the registrar website (GoDaddy/NameCheap/etc.), let's call it from now on the owning account will probably use company's email (e.g. dev@company.com). But this creates a circular dependency, because let's say that the domain was not renewed for some reason, the ...
Server domain
Score: 0
Ben Fransen avatar
Auto block IP if request contains jndi
cn flag
Ben Fransen

I have a VPS running CentOS 7 and I have very limited technical knowhow. However, given the recent log4j exploit, I need to do a few things. I've updated all software and packages on my server. I don't think that I have log4j enabled, at least - not by me.

To add an extra layer to defend my VPS I feel its okay to auto block an IP if the request contains something with jndi. The users on the server don't ...

Server iptables blacklist log4j
Score: 2
How to authenticate and push to GitHub from a CI Script
fr flag
PrestonDocks

I keep my development on a personal GitLab server. In my CI/CD script, I want to push the repository to a public GitHub repo when a new tag is created.

The CI/CD runs in an ephemeral Docker container, so there are no credentials stored. I can however add secrets in GitLab, but I don't know what git command I would use to log in to GitHub pragmatically.

I have tried git push https://usesrname:password@gi ...

Server git github
Score: 1
NecNecco avatar
How to check an IP address is blocked by IP Route?
cn flag
NecNecco

My server is constantly getting attacked by Amazon India servers.

I added 35.154.0.0/16 range to the route for IP address 35.154.252.15

ip route add blackhole 35.154.0.0/16

But when I check if the IP address is blocked, it does not output anything.

ip route show 35.154.252.15

How can I make sure 35.154.252.15 is blocked by ip route?

Server route
Score: 1
AWS Application Load Balancer bringing ASP.NET application down
ng flag
Diego Jancic

I have an AWS Application Load Balancer configured with EC2 and an auto-scaling group. The EC2 instances run a Windows+IIS web server. The Web Server connects to a database.

It has happened in some situations (once every 2 months) that the Health Checks for the ALB start to detect the application as unhealthy and take the EC2 instances down. There are always at least 2 instances running, and this ...

Server asp.net load-balancing amazon-web-services

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.