How to use BFD tool to block WordPress brute force attacks

I have written about the excellent and lightweight (unlike fail2ban which is more popular but too resource consuming and 3rd party tools dependent) tool BFD earlier. This tool is actually the set of bash scripts that looks for known pattern in the logs and executes actions against offending IPs based on the configuration. Little is known that it’s also modular and allows to extend it’s behavior by writing custom rules to assist with more uncommon situations.

I’ve also written about widespread WordPress brute force attacks that targets wp-logon.php script. The solution I’ve offered there takes care of single WordPress site. It’s getting more difficult to mitigate the attack in case you have multiple servers with multiple WordPress sites. So I decided to come up with more general approach.

Read more »

Share Button

Sysadmin: How to delete specific messages from postfix queue

postfix
In case your server mailqueue is full of messages you want to delete, most of google found instructions are not correct – there is no mailq for postfix anymore.
Read more »

Share Button

PHP Catchable fatal error: Object of class Savant2_Error could not be converted to string

savant
This was the tale of my last couple of days. One of our long time customers was moving a bunch of web sites from various web hosting providers to her dedicated server.
As usual there was all kinds of kinks and problems during her attempts to reconfigure her web sites. Some of her sites are using Savant template system and was showing unusual behavior – request to the front page was returning status 500 – server error and while content was displaying the design of the content was altered. Unable to figure out the problem she asked for help.
Read more »

Share Button

Centos: How to run multiple mysql instances on a single server

centos_iconmysql There are plenty instruction on how to run multiple mysql instances on a single server on various blogs. Most of them are based on the original mysql rpm package produced by Oracle (nowdays). In my opinion this could be unnecessary overhead when you have OS provided mysql server package and all you need to configure another instance is to slightly modify bundled configuration and init.d script.
Read more »

Share Button

Sysadmin: how to configure nginx for Jelix PHP framework

nginxjelix I had to migrate to nginx web server some web application written using Jelix PHP framework and I’ve hard a problem with Jelix URLs that look like http://domain.com/site/script.php/arg1/arg2/arg3. Originally Jelix requires “Options +MultiViews” and “AcceptPathInfo on” in Apache config, neither of which are available on nginx. It took a while to find proper solution.
Read more »

Share Button

Rant: Why I would never have facebook account

no-fb First of all – this is my opinion, it’s emotional, biased, personal and has nothing to do with you. If you are offended by my opinion – you are not required to read, agree with it or argue with me.
Read more »

Share Button

Centos: How to fix cPanel update insufficient disk space

cpsizeerror There are certain situations when you can encounter such cPanel update error message.
In order to update cPanel has to download new files and packages to replace outdated. For this it requires about 1.8Gb of free space on /usr partition. What can you do to fix the problem if you get this error message ?
Read more »

Share Button

Centos5: cPanel update demands to upgrade MySQL

cpblocked-btn I’ve hit cpanel update “blocker” the other day going from version 11.38 to 11.40.

cPanel update demands to upgrade MySQL and would not take no for an answer – why?
MySQL version 5.1 hits end-of-life on December 2013 and even though Red Hat mysql 5.0 is different from vanilla version and has to be supported until the end of Centos 5 support, cPanel wants to cover all bases and we really don’t have a choice in the situation.
Now, what we should to to continue?
Read more »

Share Button

Centos: how to install cpanel

cpanel “Extremely friendly…widely used …de-facto industry standard” cPanel all this and more. And I dislike it as much as it popular (I’ll talk about it later).
What surprised me that cpanel.net web site does not contain the link to the installation instruction on it’s front page which should be only logical.
Read more »

Share Button

Wordpress: how to trim your wp_options table

wpautoload
In my line of work I am exposed to various Wordpress installations – different plug-in sets, different themes, various amount of content – so, I have my fair share of troubleshooting Wordpress performance issues related to almost anything.
Read more »

Share Button
Page 1 of 612345...Last »