Archive | Server Administration

How to compile ezstream from source

Debian Stretch’s version of ezstream is currently a bit out of date. Here is how you compile ezstream from source to get the latest improvements and bugfixes. Not even the INSTALL file in the ezstream repo has all the steps:

Note that the configuration file structure has changed from what can be found on older blog […]


Hardening WordPress against hacking attempts

The WordPress Codex states: "Security in WordPress is taken very seriously". This may be the case, but in reality, you yourself have to take some additional measures so that you won’t have a false sense of security. With the default settings of WordPress and PHP, the minute you host WordPress and give access to one non-security-conscientious administrative user, your […]


no.php – Transparent reverse proxy written in PHP that allows you to not have to write PHP any more

This little project will probably be my only contribution to the world of PHP. The code is at https://github.com/michaelfranzl/no.php This short, single-file, 80-line PHP script is a simple and fully transparent HTTP(S) reverse proxy written in PHP that allows you to never have to use PHP again for a new project, if you feel so […]

'Hashed' brown potatoes. Hashing is important on more than just one level (picture by Jamie Davids, CC-BY-2.0)

Hashing passwords: SHA-512 can be stronger than bcrypt (by doing more rounds)

On a server, user passwords are usually stored in a cryptographically secure way, by running the plain passwords through a one-way hashing function and storing its output instead. A good hash function is irreversible. Leaving dictionary attacks aside and by using salts, the only way to find the original input/password which generated its hash, is to simply try all possible […]


100% HTTPS in the internet? Non-Profit makes it possible!

HTTPS on 100% of websites in the internet? This just has gotten a lot easier! Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG), a Section 501(c)(3) Non-Profit entity dedicated to reduce financial, technological, and education barriers to […]


Unprivileged Unix Users vs. Untrusted Unix Users. How to harden your server security by confining shell users into a minimal jail

As a server administrator, I recently discovered a severe oversight of mine, one that was so big that I didn’t consciously see it for years. What can Unprivileged Unix Users do on your server? Any so-called “unprivileged Unix users” who have SSH access to a server (be it simply for the purpose of rsync’ing files) are not really “unprivileged” as the […]


Exim and Spamassassin: Rewriting headers, adding SPAM and Score to Subject

This tutorial is a follow-up to my article Setting up Exim4 Mail Transfer Agent with Anti-Spam, Greylisting and Anti-Malware. I finally got around to solving this problem: If an email has a certain spam score, above a certain threshold, Exim should rewrite the Subject header to contain the string *** SPAM (x.x points) *** {original subject} Spamassassin has a configuration option to rewrite a subject header […]


Do not Panic! Remote Server (Hetzner) not rebooting any more – A Solution

I went through this experience recently. First of all, don’t panic! I panicked, and because of this, I made a mistake: I didn’t wait long enough for it to come online. Had I waited up to 60 minutes, it would probably have come online (see reason below). The story: I had broken packages on my Ubuntu […]


Why you should regularly make backups

The answer is: Because if you don’t, then this mistake will bite you, sooner or later. Why? Because of Murphy’s Law: Anything that can go wrong, will go wrong. And because of a variation of it, Finagle’s law: Anything that can go wrong, will—at the worst possible moment. The worst case scenario is that all your (and […]
