Debian: MariaDB + SSL

MariaDB Server is one of the most popular open source relational databases. It’s made by the original developers of MySQL and guaranteed to stay open source. It is part of most cloud offerings and the default in most Linux distributions.

It is built upon the values of performance, stability, and openness, and MariaDB Foundation ensures …

Continue reading

Debian: Squid Proxy Server

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems, including Windows and is licensed under the GNU GPL.

Continue reading

Debian: unattended-upgrades + needrestart

Debian 11

The purpose of unattended-upgrades is to keep the computer current with the latest security (and other) updates automatically.

If you plan to use it, you should have some means to monitor your systems, such as installing the apt-listchanges package and configuring it to send you emails about updates. And there is always …

Continue reading

Debian: apt-cacher-ng

Debian 11

A caching proxy. Specialized for package files from Linux distributors, primarily for Debian (and Debian based) distributions but not limited to those.

Continue reading

Debian: fail2ban + nftables

Debian-11-fail2ban

Fail2ban scans log files and bans IPs that show the malicious signs — too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out …

Continue reading

Debian: Apache + RemoteIP

Debian 11

Often or not someone may place a web farm behind a loadbalancer and not get appropriate remote ip address logging information on the Apache log files. Following entry will describe how to configure Apache to log with the X-Forwarder-For HTTP-Header.

Continue reading

Debian: Apache + Mod-Security + fail2ban

Debian 11

ModSecurity was originally designed for Apache web server. It could work with Nginx before version 3.0 but suffered from poor performance. ModSecurity 3.0 (aka libmodsecurity) was released in 2017. It’s a milestone release, particularly for Nginx users, as it’s the first version to work natively with Nginx. The caveat of ModSecurity 3 is that it …

Continue reading

VMware WS1XS – Cluster “down” / Synchronize Nodes

VMware Workspace One Access

In certain scenarios VMware Workspace One access can be left in a unsynchronized state. Following procedure will allow for making sure WS1XS is fully operational again and healthy. This procedure is a shortening of https://kb.vmware.com/s/article/75080 which is the official procedure.

Continue reading

Load more