Recent content by sysdev

I'm also nog sure why you should/can select a language, as this is not propagated to the next screens and only works one time for the login screen. If I logoff it has changed back to english again. At least keep the choice in a cookie or whatever.

I think solutions differ if you have one server or a lot of servers. We have more than one person's ip whitelisted so if one ip changes, the other can update the edge firewalls :)

I said 'you don't have to' because you don't have to close the ssh port in the first place. Besides that I would recommend another port to run ssh on. This 'obscurity' isn't security of course but it's will make you logfiles a lot smaller so it's easier to track real problems.

Haha true, but with ssh keys or port knocking, you don't have to whitelist your ip-address. username/passwords attacks are never going to work. But you can't avoid brute force attacks, you can only make them less likely or impossible to succeed.

SSH Portknocking or ssh keys only.

I hate to tell you, but hosters who sell 'infinite/unlimited' things are selling you BS. There is no such thing als unlimited/infinite things in the hostingworld. As you have learner today. Contact them.

Yups, sorry, I didn't see it before. Thanks!

I noticed an error after apache updates to: 2.4.48 May 27 10:00:27 xxx httpd[157054]: AH00526: Syntax error on line 3 of /etc/httpd/conf/extra/httpd-directories.conf: May 27 10:00:27 xxx httpd[157054]: Option FollowSymLinks not allowed here May 27 10:00:27 xxx systemd[1]: httpd.service: main...

Shutdown your server or disconnect the network cable or only use private internet addresses. Everything else with a publicly routable internet address will get BF attacks. Deal with it by using very strong passwords and indeed a tool like csf.

Oh, I don't know about that. I presumed it was a DA patch, it wasn't. It also wasn't in the online sourcecode. But the tar.gz has a date of 14 apr. And the source file is changed only 12 days ago. So it just looks like a bug in the current tar.gz where the (void)in is replaced with void(blob)...

Why wouldn't it be correct? It's basic c...

Hmm, i looked in this file: https://github.com/curl/curl/blob/master/lib/vtls/openssl.c It's not there so i presumed it was the result of a patch. My bad!

Because it's not in the original curl sourcecode but is in the source from the da-servers. Seemed obvious to me?

Well, I think this is just a bug in the patch DA made. It's not in the original curl source code.

No problem, but the variable isn't defined anywhere so it's save to delete it and enjoy all the glorious bugfixes :):):):):)