Syndicate content

log

How to find fail2ban errors when logs/errors don't make it anywhere?

Today I noticed that my fail2ban wasn't running.

Looking into it, I could see that an error was happening on startup. This pretty much always mean that something's wrong in the configuration files.

sudo systemctl start fail2ban
Job for fail2ban.service failed because the control process exited with error code.
See "systemctl status fail2ban.service" and "journalctl -xe" for details.

However, somehow, systemd would not show me the error with the status or checking the journal and it would not write anything to the /var/log/fail2ban.log file which stayed ...

Installing / Upgrading SugarCRM

Preparations after unzip

Installing SugarCRM is generally easy, but if you don't want to just make everything writable by Apache, you may find it tricky, especially if you have problems setting up the system.

First of all, you want to get the code from SourceForget.net and extract it in the root directory of the website where you want to use it. I prefer to dedicate a sub-domain name such as crm.m2osw.com to make use of SugarCRM. That way I don't have to deal with other weird things of using this under a sub-directory.

Once in there, the user and group should be a user other than ...

Apache log says: client denied by server configuration

I work with Apache a lot. It is a really good web server that has many options and features. Unfortunately, maybe it has too many of them!

I ran in a problem where a notification from one server to another would fail with the following error:

[Fri Oct 11 19:43:50 2013] [error] [client 162.226.130.121] client denied by server configuration: <path to file>

Looking at the error, I was first thinking that my script was generating the error. The fact is that my script does not generate error 403. It has a 400 and 500 but not 403.

So looking at the error I thought, maybe that's an ...

Postfix says it does not allow relaying?!

As we are upgrading our server to jump from version 12.04 to 13.04, we encounter a few problems.

Two with Postfix, first the Postgrey port has changed. It was 60000 before, now it is 10023. Don't ask me... Anyway, that was the easy one.

The other problem was a relay error. I could send emails all I wanted, but not my partner who does not show his server as part of our Made to Order Software Corp. network. Relay is why a computer allows emails from server X to be sent to server Y through server Z. You are server Z, that's the relay.

The fact is that if you can log in your account on ...

log4cplus bug in handling %q in older versions

In the last few days I've been trying to find the reason for a slowness in one very specific case in a software. It looks like it crashes and since it includes many try/catch with (...) it certainly captures the fact, but contrary to what it is expected to do, this one does not get logged! In any event, I wanted to prove that the area where we first were looking was not affected, and sure enough it was not. The problem is somewhere else. However, to prove that I needed to have a way to log milli-seconds because things happen very fast and a 1 second decimation is definitively not enough.

Cannot log in user with Samba

Today I wasted another hour or so in trying to get samba to work for one of my Windows computer so I could connect to one of my Linux computer. I knew that the installation was correct since I could log in with another computer/user that had worked for a long time. So... why would this one fail?

Two things, for of all, I could see NOTHING happening in the logs. Really wondering why the default is to log close to nothing with such a non-secure piece of software, but that's a different question. I added the following to actually get about enough logs to understand what was happening:

log ...

Comment spam attack from 109.230.213.100

Network connections

This morning I was attacked by a robot. I quickly noticed that my websites were slow and saw a pretty large amount of traffic on port 80: 208 connections!

tcp        0      0 192.168.1.1:80          109.230.213.100:65413   ESTABLISHED
tcp      441      0 192.168.1.1:80          109.230.213.100:65445   ESTABLISHED
tcp        0      0 192.168.1.1:80          109.230.213.100:65071   TIME_WAIT 
tcp        0      0 192.168.1.1:80          109.230.213.100:65279   TIME_WAIT 
tcp      497      0 192.168.1.1:80          109.230.213.100:49326   ESTABLISHED
tcp ...

Squirrel Mail: a web based tool

Ubuntu Installation

In the last few days, I've been testing SquirrelMail. It's neat. Really ugly, but neat as it is very small and still quite functional.

To install on Ubuntu, just use apt-get install as in:

apt-get install squirrelmail

The available plugins as of Ubuntu 10.04:

  squirrelmail-compatibility - SquirrelMail plugin: Let other plugins work with older/newer SM versions
  squirrelmail-decode - SquirrelMail support for decoding exotic character sets
  squirrelmail-locales - Translations for the SquirrelMail Webmail package
  squirrelmail-lockout - SquirrelMail plugin:

Implementation of a secure log in via HTTP[S]

The following is a list of points one wants to follow in order to create a log in form and the necessary code in the backend.

Generate a secure Log In form (session id)

Each time you create a Log In form (or any form if that matters,) you should include a hidden session identifier in it. This will help you prevent users from posting to your server without first loading the form. This alone already prevents a large number of robots from flooding your server with totally useless POST commands1

  • 1. If you know why they do that, let me know because there is really no reason to send totally ...

[info] Subsequent (No.7) HTTPS request received for child 0 (server secure.m2osw.com:443)

The other day I was looking for an error in Apache error logs and I noticed an error that was repeated over and over again:

[info] Initial (No.1) HTTPS request received for child 5 (server secure.m2osw.com:443)
[info] Initial (No.1) HTTPS request received for child 0 (server secure.m2osw.com:443)
[info] Initial (No.1) HTTPS request received for child 7 (server secure.m2osw.com:443)
[info] Initial (No.1) HTTPS request received for child 2 (server secure.m2osw.com:443)
[info] Initial (No.1) HTTPS request received for child 4 (server secure.m2osw.com:443)

Notice the pattern? Only one

Syndicate content Syndicate content

Diverse Realty

Diverse Realty Team

Want a New Home?
Want to Sell Your House?

Call Alex at
+1 (916)
220 6482

Alexis Wilke, Realtor
Salesperson
Lic. # 02024063

Cory Marcus, Broker
Lic. # 01079165

     

Terms of Site Index

Find the page/content you are looking for with our index.