Search results

I'm Dutch, we're very good in paying governments for things we have to do ourselves. And all that while I could do my job in top of a coconut tree on the Bahama's if there's some decent wifi. This is how BOFH are made. :)

True, but I just realized that my pi-5's use 2 bucks of power per month. If I docker every customer with an ipvlan and cap the hell out of everything, I too can put 50 users on it, if they are optimized for zero to no usage. :cool::cool: 💰💰💰

I see 'Optimized for low cpu usage'... I need a few beer... :censored:

Here you'll find the system requirements for installation of da. https://docs.directadmin.com/getting-started/installation/overview.html (including swap, hehe) But this went already wrong when the disk got partitioned during the install of the os. It should have included a swap partition as it...

Check if the cron service is running and if other crons (monthly etc) are running or not. Restart the crond service, check for typo's in the cron files. grep -i cron /var/log/* or journalctl -u crond to check if anything is happening. Did you turn it off and on again? :)

Sure you don't have kernel updates excluded in the repos by any chance? I once dropped an 'exclude=kernel*' in a yum.conf because a specific kernel wouldn't boot on xenserver. Totally forgot about that. Didn't have kernel updates for a year :)

A 406 error is most likely a modsecurity error. Multiple requests will get you blocked indeed. Check the modsec logs too.

A few da dns webhooks to your domain provider's api and everyone can sniff his glue :) I am a provider and fully understand why hosters would charge for dns services. We like to be in control of our infra so we do have multiple nameservers scattered over europe. But this is definitively a...

To use glue records, you don't 'need' your own nameservers. All you need are the nameservers that your domain actually resides on, which can simply be the nameservers of your registrar if they provide dns services.

I want to add a text to incoming e-mails to my domain, but I'm completely lost in exim. When a mail is received, I want that mail to run through a script that might add text to this mail, before its delivered. Sounds easy, but after 2 hours I'm still nowhere... Anyone have an example maybe...

Technically it is possible, but most ipv6 related stuff is /64 based, so either way it might be something to check.

According the output he has a weird /96, or am I blind? :)

Your scope global on ipv6 is set deprecated so the kernel will not choose those ip's for outgoing traffic so the check: ip -6 route get 2001:db8:: will fail as there is no selectable route. Try this tho delete an address and add it as a preferred ip -6 addr del 2a06:900:201:bb01::951/96 dev...

Yups. part of crowdsec

Yes it does. In the community version you can choose 3 free blocklists iirc. Or buy commercial ones of course. But you can opt-out on sharing the banned ip's. But if you take no part in the community, you don't get the complete blocklists. You can maintain your own blocklists if you want. On...

Yeah, it's flaky usually too. You could simply check if it starts with '12' for now. But bot's rotate useragents every few minutes, seconds sometimes. Switching between old and new versions. Botnets are pretty smart and range their ip's how they can be used. An ip being banned for using the...

Yups, I drop weblogs from 'difficult' servers via rsyslog on a vps running the security engine only. This engine uses an ip's history and a bunch of rules to decide if an ip should be banned. This is the gather and decide part. On multiple webservers (even if they do not send their logs to my...

<RequireAll> Require all granted # Matcht Chrome/0..119 Require not expr "%{HTTP_USER_AGENT} =~ /Chrome\/(?:\d|[1-9]\d|1[01]\d)/i" </RequireAll> or RewriteEngine On # Matcht Chrome/0..119 RewriteCond %{HTTP_USER_AGENT} "(?:^| )Chrome/(?:\d|[1-9]\d|1[01]\d)" [NC] RewriteRule ^ - [F] Same...

I use crowdsecurity to analyse weblogs and this blocks about 15k+ ips from botnets based on community blocklists. And when our monitoring still sees a too high load it runs a script to count all crap in the logfiles (403/403/50x per ip, number of requests, many sensitive urls like...

How about just installing a second mariab instance and using the db hooks to mirror databases and users? Change port in phpmyadmin config, disable database backups in DA and cron your own mysqldump? Like with clusters, but local.