Linux
« Previous EntriesCustom 404 for Apache (using PHP!)
Thursday, November 4th, 2010Images, css, js just get a simple 404 Not Found page. Everything not in the list of items we’re checking get redirected to the homepage. So a simple typo will get the redirect, but a missing PNG file that’s called by one of our pages won’t send a copy of the homepage to the client [...]
Rootkit Hunters
Wednesday, February 10th, 2010A few resources for finding rootkits: Linux: Rootkit Hunter Chkrootkit Windows: RootkitRevealer
Cool one-line report…
Monday, July 13th, 2009sudo grep “GET https://www.miroguide.com/ HTTP/1.1″ /var/log/squid/access.log | grep “\”Miro/” | sed ‘s/^.*”-” “//g’ | sed ‘s/ .*$//g’ | grep Miro | sort | uniq -c The sort | uniq -c being the good part. It parsed 625,000 entries in the log to make this useful (to the person who asked for it) report: 2 Miro/0.9.8 [...]
Squid handling http –> https redirects
Friday, May 29th, 2009In configuring Squid to handle both our port 80 and 443 traffic, we have the issue that we can use redirects at the webserver level to redirect certain pages to https:// . So this is handled in Squid. First, make a simple script. There’s a possibility another redirector like Squirm might do a better job, [...]
Lighttpd, virtual hosts, alternative ports
Friday, May 29th, 2009In the configuration of our new server, all ports 80 and 443 traffic is handled by Squid as a reverse proxy. 8080 is the “backdoor” that bypasses Squid and hits Lighttpd directly. But the standard format of a Lighttpd virtual host entry doesn’t recognize alternate ports appended after the tld. Not a big deal, this [...]
Lighttpd, virtual hosts, and wildcard domains
Friday, May 29th, 2009So we’re setting up mirocommunity.com, and I don’t want to be hassled continously to create new hostnames in DNS. To avoid that, it’s a simple wildcard entry like this in the appropriate named database: *.mirocommunity.com. IN CNAME mirocommunity.com. Which directs everything to our server. Now our server hosts multiple sites via host entries, so we [...]
Installing Squid to handle both 80 and 443
Tuesday, May 26th, 2009This outlines configuring Squid, running two instances, to handle both port 80 and 443 traffic on an Amazon EC2 instance running Ubuntu Jaunty. We can bypass Squid by going directly to Lighttpd on port 8080. To answer a couple questions off the top, you should also read my post on how to configure http –> [...]
Optimizing Website integration with Amazon’s S3 Service
Saturday, February 28th, 2009At Participatory Culture Foundation we use Amazon’s S3 Service to host our static content — css, js, and images. This accomplishes two things — it improves the performance for our visitors since Amazon has faster performance and reliability then we can afford on our own servers, and it does so at a lower cost. In [...]
Passwords and Data Mining
Friday, February 27th, 2009I believe the working assumption must be we’re under a persistent, long term attack by organized groups. This is not just organized crime, but I suspect organized criminal groups that are tolerated by states like Russia and China if not outright state sponsored. It’s not just those old “boogey men” either — there are many [...]
NTP Configuration
Thursday, January 24th, 20081) Install ntpd if not already there. Link it to your default startup directory. ln -s /etc/init.d/ntpd /etc/rc3.d/S99ntpd 2) /etc/ntp/step-tickers: time.nist.gov pool.ntp.org 3) In /etc/sysconfig/iptables open up the port: # NTP is only accessible via the Gig Backbone: -A RH-Firewall-1-INPUT -m state –state NEW -m udp -p udp –dport 123 -s 192.168.1.0/0 -j ACCEPT 4) [...]
« Previous Entries