Archive | Server Administration

Hardening WordPress against hacking attempts

The WordPress Codex states: Security in WordPress is taken very seriously This may be the case, but in reality, you yourself have to take some additional measures so that you won’t have a false sense of security. With the default settings of WordPress and PHP, the minute you host Wordpress and give access to one non-security-conscientious administrative user, your […]

Continue Reading 0
Selection_008

100% HTTPS in the internet? Non-Profit makes it possible!

HTTPS on 100% of websites in the internet? This just has gotten a lot easier! Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG), a Section 501(c)(3) Non-Profit entity dedicated to reduce financial, technological, and education barriers to […]

Continue Reading 2

Unprivileged Unix Users vs. Untrusted Unix Users. How to harden your server security by confining shell users into a minimal jail

As a server administrator, I recently discovered a severe oversight of mine, one that was so big that I didn’t consciously see it for years. What can Unprivileged Unix Users do on your server? Any so-called “unprivileged Unix users” who have SSH access to a server (be it simply for the purpose of rsync’ing files) is not really “unprivileged” as the […]

Continue Reading 2

Exim and Spamassassin: Rewriting headers, adding SPAM and Score to Subject

This tutorial is a follow-up to my article Setting up Exim4 Mail Transfer Agent with Anti-Spam, Greylisting and Anti-Malware. I finally got around solving this problem: If an email has a certain spam score, above a certain threshold, Exim should rewrite the Subject header to contain the string  *** SPAM (x.x points) *** {original subject} Spamassassin has a configuration option to rewrite a subject header […]

Continue Reading 9
GDFL 1.2

Do not Panic! Remote Server (Hetzner) not rebooting any more – A Solution

I went through this experience recently. First of all, don’t panic! I panicked, and because of this, I made a mistake: I didn’t wait long enough for it to come online. Had I waited up to 60 minutes, it would probably have come online (see reason below). The story: I had broken packages on my Ubuntu […]

Continue Reading 23
Email logo

Setting up Exim4 Mail Transfer Agent with Anti-Spam, Greylisting and Anti-Malware

Recently my Exim mail server was hopelessly spammed to such an extent that I wasn’t even able to clear the mail queue with rm ./*, nor even list the files, nor even count the files with ls.  How still I managed to delete probably millions of mail files in one folder can be read in […]

Continue Reading 1

Powered by WordPress. Designed by Woo Themes