Linux

Within HAProxy it is possible to redirect all http traffic to https.It is sufficient to add the following rule within the frontend section:

Within HAProxy it is possible to redirect all http traffic to https. It is sufficient to add the following rule within the frontend section: frontend incoming80 bind 10.1.1.13:80 redirect scheme https if !{ ssl_fc }

If you configure HAProxy by default, the backends will receive the IP address of the HAProxy as incoming IP address. Some applications (or people) don’t want that. It is possible to configure haproxy as transparent proxy, so that the IP…

With the code below, you can set selinux to allow remote backends.

If you have a file system with a lot of small files, it it possible that you are running out of inodes. Unfortunately it is not possible to increase the number of inodes on the fly. In order achieve this,…

You can use the following mod_security rules for wordpress/joomla/drupal ## Rules for the CWP ## SecRuleRemoveById 910006SecRuleRemoveById 950000SecRuleRemoveById 950001SecRuleRemoveById 950005SecRuleRemoveById 950006SecRuleRemoveById 950117SecRuleRemoveById 950907SecRuleRemoveById 958039SecRuleRemoveById 958051SecRuleRemoveById 958291SecRuleRemoveById 959006SecRuleRemoveById 959151SecRuleRemoveById 960008SecRuleRemoveById 960010 SecRuleRemoveById 960011 SecRuleRemoveById 960012 SecRuleRemoveById 960035 SecRuleRemoveById 960335 SecRuleRemoveById 960904 SecRuleRemoveById 960915 SecRuleRemoveById 970003 SecRuleRemoveById 970015 SecRuleRemoveById 970903 SecRuleRemoveById 973301 SecRuleRemoveById…

There are different possibilities to run internet speed tests from Linux (and Unix based systems) command line. Personally I don’t always want to install extra applications on the servers.Because of that, I use the following command line. The only thing…

You can use the following command, as superuser, to clear the systemd logs: Keep the last 7 days: journalctl –vacuum-time=7d Keep the last 100Mb: journalctl –vacuum-size=100M

Fail2ban is a daemon that can be used to monitor the logs of services and ban clients that based on incorrect behaviour. A must have on your Linux system. But sometimes you can forget enabling the correct jails, therefore always…

If you are using WordPress & Woocommerce in combination with mod_security2, you may have some false positives. In case you are having issues, you can use the Apache (.htaccess for example) “whitelist” below. This of course as an example.   <LocationMatch…

Ipv6…nice. But using Ipv6 when sending emails to google can be a pain in the *ss. It is possible that you get the following message in your postfix logs:  Our system has detected that this message does not 550-5.7.1 meet…