Linux

Testing SSL on the Commandline

This is a useful one for testing dovecot when setting up SSL: openssl s_client -connect localhost:993 -quiet If you get a ‘Connection Refused’, you have my permission to swear loudly. For me, the C bomb echoed around these four walls several times.

By andy, ago
Linux

SMS Alerts with Nagios

I use Nagios a lot. If it’s not for the peace of mind that I know that my, and my clients infrastructure is monitored, its for the obsessive compulsiveness of the statistics. Admittedly, stats-wise I use Munin now, however, for monitoring everything I use Nagios. One of the awesome things Read more…

By andy, ago
Linux

Selectively Deleting from Postfix Queues

postqueue -p | tail -n +2 | awk -v r=**Email Address** 'BEGIN { RS = "" } / r/ { print $1 }' | tr -d '*!' | postsuper -d - This will delete anything from the postfix queue matching whatever email address is in **Email Address**

By andy, ago
Linux

Enable HTTP2 in Apache

HTTP/2 is the second major version of the HTTP protocol used by web servers. It is based on Google’s SPDY protocol. It is the first new version of HTTP since HTTP 1.1, which was standardised way back in 1997. By the end of 2015, most major bowsers (Chrome, Opera, Firefox, Internet Explorer 11, Safari, Read more…

By andy, ago
Linux

Building your own Ad-blocking DNS Server

Ad-blocking software is great, but there are an increasing number of ways to detect and prevent people from viewing the site content. I found that by creating an ad-blocking DNS resolver, this would effectively simulate a connection issue when communicating with one of the advert servers, therefore not triggering this Read more…

By andy, ago
Linux

Quick and Dirty Rundown for PSAD

This is a very quick and dirty rundown on what to do to set up PSAD to manage blocking naughty people. There are lots of guides with a lot of fluff. This is a bare-bones, no-BS version of this. I have run this through Ubuntu 16.10, but you may be Read more…

By andy, ago
code

PHP Error Reporting

If PHP is not reporting errors within an application (say for example a built-in error handler, or suppression), the following can be added to Apache’s vhost file: php_admin_value error_reporting 6135 php_admin_value display_errors 1 However, if you do not have access to the vhost, the following lines can be added to Read more…

By andy, ago
Linux

Extracting a table from a gzipped SQL Dump

The following snippet can be used to extract a table from a MySQL backup file created with mysqldump. It is ideal when working with massive databases, and is something I use once in a while myself. zcat backupfilename.sql.gz | sed -n -e '/CREATE TABLE.*`tableToRecover`/,/CREATE TABLE/p' > tableToRecover.sql If you wish Read more…

By andy, ago
Linux

Preventing DNS amplification attacks

As you may be aware, I run my own DNS resolver(s), and I am constantly plagued by some German governmental body waffling on about DNS Amplification Attacks.After a bit of toking and fro-ing, I decided to investigate further. The official answer is ‘don’t run a public resolver’, however, the following Read more…

By andy, ago