Search results

Yeah, I think I can't really help you with that one. That's something the developer of whatever script is being crawled should do. The Redis cache is a good start. In /var/log/httpd/domains/ you can find the weblogs. But caches come in many forms. I can not decide what works for you. Sorry.

At least you're not swapping and you have ram enough. So, kinda points to the scripts running? I can only point you in a somewhat right direction because I know nothing about your sites or scripts. But, you have a lot of spare ram. Use it for caching. It might be a lot of work if you have a...

Well… if your server is already overloaded, as you mentioned in your first post, increasing resource usage is almost never a good idea. Your server may appear fine on the surface, but if it's running with a load that exceeds the number of available CPU cores, it’s not actually functioning well...

Be careful when putting a lot of domains on one useraccount. I totally get it, to cut costs. But... If that one user get's hacked... all the sites belonging to that user must be considered hacked.

After the latest update I'm getting an internal error (failed fetching list of updates) when checking System Packages. Never mind. a "rpm --rebuilddb" fixed it.

Yes, that is an option we already use, mainly for large accounts. Well... at least when we notice someone becoming a 'large account'. (Mental note: Maybe I should default that and shut up) But... if it could be skipped all together, still would be nice.

Is there a supported way of generating a ready-to-import DA admin level backup, from a rsync's directory structure on an different, non da server in a closed private lan? I already rsync all users on vm's to a zfs backup pool. And I only need a DA admin backup if I need to restore a user. So...

Same, but with safari :)

Any firewalls running on the VM itself? (iptables, firewalld, csf)

Oh, I missed that part, my bad.

Try this: SecRuleEngine On SecAuditEngine On SecAuditLog /var/log/apache2/modsec_audit.log SecRequestBodyAccess on SecAuditLogParts ABIJDFHZ in your modsecurity config.

What exactly is the definition of lifetime support? - till I die - till the merchant dies - till the product dies someone has to die I guess...

I'm not following this topic anymore because I was already fed up with everything after a few pages. I just want to say that I'm very disappointed how things are going. DA are imho good people and they never let me down with anything. But I have hundreds of customers with many of them being that...

Uhm... not allowing the backups to use ram (os determines mostly how this is manged) would probably bring your server down pretty fast as it wouldn't be able to cache (millions?) of files for the backups. It would also increase the IO with A LOT, which you would notice pretty fast if the sites...

Oh great! I totally missed that. The specific server indeed had a yum cache error and didn't get updated. Thanks for pointing it out to stupid me!

Still having that issue with the '-no-header' at line 348 in scripts/letsencrypt.sh where cert renewals fail because of a non-existent parameter to 'ss'. Also still having TLSA records that not seem to get updated after letsencrypt renews certificates. This actually results in customers moving...

SSL / TLS related: For some reason I noticed ssl generation issues with the '-no-header' parameter. But this was fixable by removing the parameter from the letsencrypt.sh but... I also get a bunch of failing DANA (tlsa) checks so I have to manually generate new tlsa records. I thought this was...

Same issues here...

Try putting the timeslot before the wordpress rules. Maybe add the [L] to the rule to make it the last evaluated rule (within the timeslot). Otherwise your. Not tested it myself tho.

You configure haproxy on server1 and split http requests based on hostnames. You can find examples here: https://www.haproxy.com/documentation/haproxy-configuration-tutorials/