Category: Webserver

VestaCP disable roundcube webmail
09.08.2018

CentOS7: # search for roundcube config file find / -name *roundcubemail.conf* /usr/local/vesta/install/rhel/6/roundcube/roundcubemail.conf /usr/local/vesta/install/rhel/7/roundcube/roundcubemail.conf /usr/local/vesta/install/rhel/5/roundcube/roundcubemail.conf /etc/httpd/conf.d/roundcubemail.conf # search for installed packages yum list installed |grep roundcube roundcubemail.noarch # is enough to disable roundcube rm -rf /etc/httpd/conf.d/roundcubemail.conf # seems to be no […]

NGINX as HTTP proxy – vhosts and SSL for Tomcat
01.03.2018

Secure Socket Layer (SSL) is a protocol that provides security for communications between client and server by implementing encrypted data and certificate-based authentication. Technically, the term „SSL“ now refers to the Transport Layer Security (TLS) protocol, which is based on […]

02.08.2017

nginx can be used as webserver, web-proxy and even mail-proxy. „Apache ist aufgrund seiner Architektur und Arbeitsweise doch eher der Traktor unter den Webservern.“ X-D (src) let me try to translate: „Apache is due to its architecture and functioning rather […]

27.07.2017

in general: social competence demands to first praise then critizise – no matter what – nobody is perfect or god. praise: Thanks for this massively cool webserver software – that can do so many things (vhosts and .htaccess and php) […]

CentOS Redhat – compile Apache2 from source
27.07.2017

i tried to compile under debian…. but it’s way more compli cated. also: you probably do not need all the packages stated here… but i did not have the time to sort those out sorry for that. feel free to […]

webserver software marketshare – NetCraft – Web Internet stats statistics – growth number of sites – total number of websites – internet stats statistics
27.07.2017

according to https://w3techs.com/technologies/overview/web_server/all apache(2 i guess) is still the dominant webserver on the internet with a market share of 50%. src: https://trends.builtwith.com/web-server according to builtwith.com it is „only“ 40% market share for the apache(2) webserver. also most sites are running […]

08.06.2017

client /etc/ssh/ssh_config is for client side config – here you can for example enable StrictHostKeyChecking yes /etc/ssh/ssh_known_hosts similar to ~/.ssh/known_hosts it contains the system-wide-accepted public keys of other hosts. So if you have „StrictHostKeyChecking yes“ enabled, you could manually accept […]

cool stuff you can do with ssh
07.06.2017

i assume you have setup public-private-key-authentication and tested its workings and tightened security to only allow public-private key auth of specific non-root users. run local scripts remotely You can run local scripts remotely by executing bash on the remote system […]

BIND und DNS – das Telefonbuch des Internets – Berkeley Internet Name Domain
09.05.2017

welche datei macht was? -> https://dwaves.de/2017/06/06/linux-dns-config-files-hosts-resolv-conf-nsswitch-conf-change-used-nameserver/ Im Gegensatz zum „Telefonbuch“ kann man beim Internet auch durch die Eingabe eines Namens die richtige Nummer „anrufen“ / aufrufen. Ein Bereich in dem Linux mit bind9 und named „dominiert“ – aber gleichzeitig ein […]

Programming Languages and Security
03.04.2017

ich wollte mal wissen, wie steht es eigentlich um die Security auf Technologie / Programmiersprachen-Ebene? D.h. welche Programmiersprachen machen es einem schwer vs. einfach sichere Software zu schreiben? Natürlich kann man in jeder Programmiersprache angreifbare Projekte entwickeln… das ist kein […]

22.01.2017

tested on vesta cp (apach2+nginx+Debian 8.7) this script could be placed into a file called: /scripts/mon_webserver_activity.sh #!/bin/bash #sh -c ‚tail -f /var/log/vesta/*.log && tail -f /var/log/nginx/*.log‘ & tail -f /var/log/vesta/*.log & tail -f /var/log/nginx/*.log & and you can run it […]

19.09.2016

what config file is nginx using? while it is running you can check via: ps uax|grep nginx root       766  0.0  0.0  41540     4 ?        Ss   Sep16   0:00 nginx: master process […]

13.09.2016

vim /etc/fail2ban/jail.conf; # open up the config file that defines all the defaults # find those lins: # # Destination email address used solely for the interpolations in # jail.{conf,local} configuration files. destemail = YourValidEmailAccount@YourDomain.com # Choose default action. To […]

13.09.2016

but also whole companies from israel are offering tools to nuke off your webserver with „rented“ DDoS attacks vim /etc/fail2ban/jail.local; # add those lines: [apache] enabled = true port = http,https filter = apache-auth logpath = /var/log/apache2/*error.log maxretry = 3 […]

27.08.2016

last -x shutdown shutdown system down  3.16.0-4-amd64   Sat Aug 27 16:31 – 16:32  (00:00)     shutdown system down  3.16.0-4-amd64   Fri Aug 26 08:10 – 08:11  (00:00)     shutdown system down  3.16.0-4-amd64   Thu Aug 25 11:04 […]

04.07.2016

… if you have ssh properly setup (public-private-key-based-auth) then you can easily connect via sftp to your host and abandon ftp, which is prone to security problems. E.g. with FileZilla to Disable vsftpd service vsftpd stop; # sto vsftpd service […]

22.06.2016

it was a bad idea to use the vestacp backup and restore function. unfortunately i believe you are better off restoring every domain by hand. systemctl status apache2.service ● apache2.service – LSB: Apache2 web server    Loaded: loaded (/etc/init.d/apache2)   […]