Tag: sysadmin

Defend against fake google bots

I can think of some reasons why folks might use the Googlebot user agent on their non-Google bots, but I can’t think of any good, upstanding reasons to do it. Here’s how one might find some fine folks who would do such a thing. As of right now (May 2018), all valid Google Bot source

kworker using cpu on an otherwise idle system

I have an old thin client that I upgraded to a home server by adding some additional RAM and storage. I noticed after a recent kernel upgrade that the system seemed sluggish at times, despite doing nothing in particular at the time. top showed that a kworker process was using CPU, not all of it,

Finding how much time Apache requests take

When a request is logged in Apache’s common or combined format, it doesn’t actually show you how much time each request took to complete. To make reading logs a bit more confusing, each request is logged only once it’s completed. So a long-running request may have an earlier start time but appear later in the

Keep getting logged out from Selfoss on Debian

I’m running Selfoss RSS reader and loving it! One thing I don’t love is that it logs me out frequently (BTW, I’m running Apache php-fpm on Debian Jessie). But I think I found a solution. Try adding this to a file called .user.ini in the document root of Selfoss: [crayon-5d7345a170061112192532/] The 604800 means one week.

LFD stops logging to kern.log

It took a while before I figured out why LFD wasn’t logging any issues to kern.log on my Debian-based systems. I realized at some point that it worked when I first installed CSF, but then logged nothing after the first day.

Apache, Fastcgi, PHP 7 on Debian Wheezy & Ubuntu 14.04

Intro: The Tyranny of Prefork There are a lot of tutorials out there that go through the rote instructions on upgrading your Debian or Ubuntu system to use PHP 7. While I’m sure most of them are fine, they assume you’d want to use the prefork process model or event/threaded via CGI (via proxy and

Debian server DNS bogosity

Note: I’m running my Raspberry Pi as a server, and NetworkManager is not installed. I discovered that if you want to manually assign search and nameserver entries in your /etc/resolv.conf file, you can’t just add the relevant entries to static entry in /etc/network/interfaces: [crayon-5d7345a170207549715999/] For some unknown reason, the resolvconf utility will still attempt to

WordPress performance problem with many posts

If you have a ton of posts in your WordPress blog (we have over 35K in one site at work), it turns out that the Previous and Next links on each post may be running a tough query on your database. I wanted to know why MySQL was using so much CPU and wrongly assumed

Allow webapps to make outgoing requests

I was experiencing a pretty bad slowdown while trying to use the admin pages of a WordPress site recently. The load on the machine was quite low, so I began to suspect that it was trying to call out to external services (facebook, pinterest, etc) that might have been blocked by CSF (configserver firewall). I

Clone hard disk with rsync

I recently wanted to move a system over to a faster, larger SSD. I didn’t want to have to re-install an OS, figure out which old files to transfer over, and then re-configure everything. That’s not a fun time in my book. Here’s what I did (on a live system, yeah!) to clone my disk.

Scripted WordPress Upgrades

This command line interface for administering WordPress is called wp-cli. It’s pretty great. I wrote a script to run from cron for updating a bunch of different WP installs in the same directory. [crayon-5d7345a170375700725234/]

Fix for LFD error in syslog

I noticed that I was getting emails from LFD (part of the ConfigServer Firewall package) about failing to find some added check line it was sending to syslog. The syslog message looks like this: lfd[%d]: *SYSLOG CHECK* Failed to detect check line [%s] sent to SYSLOG Of course I’ve replaced the pid with %d and

Switching from APF to CSF

I was enjoying trying out APF on my Raspberry Pi, but I noticed that it wasn’t blocking repeat attackers the way I wanted it to. fail2ban was working the way it was supposed to work, but it only blocks temporarily, and I never figured out why the gamin back-end to continuously monitor log files didn’t