Latest Server related questions

In my nginx config I have

if ( $query_string ~ "author=([0-9]*)" ) { return 403; }

to block author queries on the frontend from leaking sensitive information. The problem is this also blocks author queries on the backend.

How can I modify this so that

/wp-admin/edit.php?something=1&author=1 //pass
/something.php?something=1&author=1 //fail

Is there a way to apply a fail rule on a regex only if  ...

Is the following configuration correct to allow IPP printing to a remote public printer (to any IP address)?

iptables -A IN -i eth1 -p tcp -m tcp --sport 631 -m state --state ESTABLISHED -j ACCEPT
iptables -A OUT -o eth1 -p tcp -m tcp --dport 631 -j ACCEPT

Should I accept RELATED incoming requests too?

Is it normal that the external printer sends unrelated requests (from source port 631) back to my compu ...

Last night I realized that there is a 5 address limit with regard to provisioning elastic IP's.

Ive done some initial research, and have come to the conclusion that a bunch of elastic Ip's is probably not the correct answer. I feel confident that I can add startup scripts to update Route 53 dns records at startup to circumvent the need for static ip addresses, but from reading, it seams like this ...

I'm moving example.com from an external (non-Google) hosting provider into GCP.

When setting up the load balancer, I noticed that I have to point example.com to the load balancer in order for the Google managed certificate to validate.

I'm supposed to just change the A record of example.com to the (static) IP of the new load balancer - then it will validate.

The problem is that I already have a lot of  ...

My database is 250 MB and dump size is 82 MB. I am using latest MariaDB. running this command:

mysqldump -u user -p database > t.sql

I have an old SLES 12 SP1 (no GUI) server that I recently patched and when I reboot the server it was just showing me an empty black screen and the mouse pointer. (Tried multiple Ctrl+Alt+F1-F9, and nothing happens)

So I edited Grub and added nomodeset. Now the server gives me the login screen and seems fine.

Then when I enter the username and passwd, the server just shows a cursor and after a whil ...

I need help to implement something like this from express static options.

Sets file extension fallbacks: If a file is not found, search for files with the specified extensions and serve the first one found. Example:

['html', 'htm']

I have web app deployed in K8 in aws & configured LoadBalancer to call the same from internet. In the Postman I call like ,

GET https://myteams.myorg.net/config Headers: Host doom.myteams.myorg.net I can convert as corresponding http request as below

GET /config HTTP/1.1 Host: myteams.myorg.net Host: doom.myteams.myorg.net

But I want to call the same from browser URL ? I tried several ways but can't ...

When using clamdscan, I would like to have verbose output logged to a file. Specifically, the timestamp, file path and file name as well as the scan results should be logged to a specified file. At the moment it is logged to /var/log/clamd.scan. However, given that I would like to use it within a script, I would like to log this kind of output to a configurable file.

While there is a -L switch, i ...

Centos 8.

There is snowuser:

[snowuser@snowcannon-01 ~]$ cat /etc/passwd | grep snowuser  
snowuser:x:1002:1002::/home/snowuser:/bin/bash   
[snowuser@snowcannon-01 ~]$ groups  
snowuser wheel

There is tomcat user:

[snowuser@snowcannon-01 ~]$ cat /etc/passwd | grep tomcat  
tomcat:x:1003:1003::/opt/tomcat:/bin/false  


cat /etc/group | grep "tomcat\|snowuser"  
wheel:x:10:ydyachuk,amsliusar,snowuser  
 ...

I have around 5 VMs in Azure, which were originally provisioned as Ubuntu 18 and since then I've been dist-upgrading them several times. A few months ago I noticed that similar VMs on different subscriptions fail to boot, being stuck on "cloud-init" step.

Some of those VMs do have "Raise network interfaces" failure, some don't.

So far the workaround has been to detach the drive, edit it in a different VM ...

OS: CentOS 7

I am trying to figure out how audit (kaudit) events are logged in /var/log/messages.

I have enabled audit=1 in grub which means when the server boots, kernel auditing is enabled. This is the desired state for the particular system and disabling audit is out of the equation. My audit configuration is as follows

  #  auditctl -s
enabled 1
failure 1
pid 0
rate_limit 0
backlog_limit 64
lost 74 ...

I'm close to understanding it, but one thing in documentation makes me unsure.

At first, lets take a look at postfix architecture from docs. There are two stages: receiving and delivering. During receiving stage mail is stored in incoming queue and smtp client is notified about successfully enqueueing.

Also documentation says relocated_maps is treating by trivial-rewrite ONLY during delivering stage. And  ...

Calling journalctl --setup-keys creates a new key pair for Forward Secure Sealing (FSS). How can I check if this was done on a system without generating those keys if it has not happened yet?

Alternatively, since this process creates the key in file fss in the journal directory, how can I find this directory, since it contains some "arbitrary" hash, e.g. /var/log/journal/3c726bc3b46e1333bb57fa1857efcf35

I have been on GCP for roughly 3 months now. In that 3 months I have received 6 notices from GCP saying that one of my compute engines is creating a denial of service attack. They provide the IP address of the CE, and the time the attack triggered the compliance alert (which this last notice was 2021-11-25 00:10 to 2021-11-25 00:10).

I have taken as many steps as I can possibly take. I have 2 kin ...

I have a VPN between one server (Debian 10, Strongswan 5.7.2) and a partner server (Stormshield SN510). All run fine, my others servers can reach the partner one on HTTPS via the VPN.

But IKE SAs stay actives, until I have 70 of them and the partner VPN endpoint have problems to handle them.

For example, a small subset (I removed every IP on purpose)

root@ipsec1:/etc# sudo swanctl -l
partner: #1837, ESTA ...