There’s a module that let’s you authenticate via any auth method (basic auth, ldap, etc…) to specific locations, you can also set an expiration time on the cookie, so when the time expire the user will be redirected to the login page.
In this post we’ll install it on a Centos 7 server.
First we have to install all dependencies including ModSecurity and Nginx.
It’s recommended to install Nginx from the stable branch of the official repositories, this way you can update nginx without compiling it everytime however we’ll need to compile the module for ModSecurity.
Posted in Debian, Linux, ModSecurity, Nginx, Proxy, Security, Unix
Tagged crs, debian, linux, modsecurity, nginx, rules, security
When I came across with the command docker export/import I was really confused as of what is it for. I usually just save my images with docker save.
The documentation just says
docker-export - Export a container's filesystem as a tar archive
and nothing more.
So after running some tests this is what I found:
I have the next scenario where I needed to setup a MySQL Percona XtraDB Cluster on containers on 3 different servers.
I recently upgraded my server from Debian 8 to Debian 9, I also upgraded MySQL5.5 (Percona) to MariaDB 10, everything seemed fine until I noticed the database was down, and i just couldn’t bring it up, it just kept dying, after some research into the logs I found the next error:
This is a bug in Proxmox 3, when you have a high uptime, usually more than 365 days, and you want to initiate an instance (VM), you get the error:
there’s a package in debian 8 repository however it’s not the newest version (1.5), so in order to have the most recent release (1.6.5) we are going to compile it from source.
You can download it from the official page http://www.haproxy.org/#down.
If you have several flavours of web servers (tomcat, apache, nginx), and want to add SSL Certificates to them you might have noticed that you need different kind of certificates for your web servers, you can however, add SSL Certificates to all of your web servers with just one.
We’ll extract the key from the tomcat keystore so you can use the same certs on apache or nginx.
There are two ways of configuring tomcat, depending on the connector you are using, in this case we’ll configure tomcat with the default connector which needs a keystore for the certs.
You’ll need to have Java installed.
The steps to generate a CSR for tomcat are as follow:
I had a long list of video files with certain pattern on the name that I needed to remove, all the files had spaces on the name, so I used sed to work around this.