Quantcast
Channel: EasyEngine Community Forum - Latest posts
Viewing all 12639 articles
Browse latest View live

Survive DDOS attack with Nginx's and fail2ban

March 16, 2018, 4:31 pm
$
0
0

I am getting below errors in /var/log/fail2ban.log

2018-03-16 22:58:54,058 fail2ban.action [29752]: ERROR iptables -w -N f2b-sshd iptables -w -A f2b-sshd -j RETURN iptables -w -I INPUT -p tcp -m multiport --dports ssh -j f2b-sshd – stdout: b’‘ 2018-03-16 22:58:54,059 fail2ban.action [29752]: ERROR iptables -w -N f2b-sshd iptables -w -A f2b-sshd -j RETURN iptables -w -I INPUT -p tcp -m multiport --dports ssh -j f2b-sshd – stderr: b"iptables v1.6.0: can’t initialize iptables table filter': Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.6.0: can't initialize iptables tablefilter’: Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\ngetsockopt failed strangely: Operation not permitted\n"

2018-03-16 22:58:54,059 fail2ban.action [29752]: ERROR iptables -w -N f2b-sshd iptables -w -A f2b-sshd -j RETURN iptables -w -I INPUT -p tcp -m multiport --dports ssh -j f2b-sshd – returned 1

2018-03-16 22:58:54,059 fail2ban.actions [29752]: ERROR Failed to start jail ‘sshd’ action ‘iptables-multiport’: Error starting action

2018-03-16 22:58:54,169 fail2ban.action [29752]: ERROR iptables -w -N f2b-ReqLimit iptables -w -A f2b-ReqLimit -j RETURN iptables -w -I INPUT -p tcp -m multiport --dports http,https -j f2b-ReqLimit – stdout: b’’

2018-03-16 22:58:54,169 fail2ban.action [29752]: ERROR iptables -w -N f2b-ReqLimit iptables -w -A f2b-ReqLimit -j RETURN iptables -w -I INPUT -p tcp -m multiport --dports http,https -j f2b-ReqLimit – stderr: b"iptables v1.6.0: can’t initialize iptables table filter': Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.6.0: can't initialize iptables tablefilter’: Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\ngetsockopt failed strangely: Operation not permitted\n"

2018-03-16 22:58:54,169 fail2ban.action [29752]: ERROR iptables -w -N f2b-ReqLimit iptables -w -A f2b-ReqLimit -j RETURN iptables -w -I INPUT -p tcp -m multiport --dports http,https -j f2b-ReqLimit – returned 1

2018-03-16 22:58:54,170 fail2ban.actions [29752]: ERROR Failed to start jail ‘nginx-req-limit’ action ‘iptables-multiport’: Error starting action

I am running it as service under root only.

Search

Moving to Debian 9?

March 16, 2018, 7:54 pm
$
0
0

ee refuses to install on Debian Stretch.

I was very happy with ee, but has no updates for too long. It is time to say “good by”.

Webmin/Virtualmin is present for more than decade. I remember using it a long time ago, found the book about Webmin from 2003

http://freecomputerbooks.com/Managing-Linux-Systems-with-Webmin.html

I’m going to install it with this recently updated Nginx module. Wish me luck. :slight_smile:

Getting problem with cloudflare

March 17, 2018, 1:15 am

Recommended way to change websites top domain

March 17, 2018, 2:30 am
$
0
0

All of my local sites use dev top domain, Chrome has been auto redirecting .dev to https since a couple of month ago, I have switched to Firefox as a workaround

The latest FF update has implemented this feature as well and I can’t access the local dev site anymore, what is the safer approach to rename the domain name?

Compile the latest nginx release from source with EasyEngine

March 17, 2018, 4:49 am
$
0
0

Hello @nschopra, yes I will update my bash script as soon as possible with the last TLS 1.3 draft (I was waiting for more informations because there was some compatibility issues with TLS 1.3 draft 20).
I have already managed to compile Nginx with Cloudflare HTTP/2 Hpack Header Compression Patch, and I will add it to my bash script in the next release.
I will take a look on the Centminmod thread about pairing Nginx with Cloudflare’s Zlib.

Letsencrypt not renewing or unable to apply letsencrypt

March 17, 2018, 10:55 am
$
0
0

About parts of a site showing off in another domain, you must edit wp-config.php of all your wp-redis sites.

There is a line like this at the end of file:

define( 'WP_CACHE_KEY_SALT', 'sitename:' );

You must ensure it is ABOVE the “stop editing” comment, otherwise it won’t be interpreted soon enough to separate the caches per domain.

Moving to Debian 9?

March 18, 2018, 3:24 am
$
0
0

Hello, I hope you will find a good alternative to EE, but the most part of apps available on multiple linux distributions are not compatible with debian 9 yet.

I have already try to upgrade some servers from debian 8 to debian 9, and EE was still working properly after the upgrade. The current limitation is the initial setup, because it require to adapt packages installed by EE with debian repositories.

Survive DDOS attack with Nginx's and fail2ban

March 18, 2018, 3:27 am
$
0
0

Hello,

what is the kernel version of your server ? Use the command uname -a to display it.

Search

To Solve ERR_SPDY_PROTOCOL_ERROR on Chrome browser

March 18, 2018, 3:31 am
$
0
0

Hello,

This issue was related to nginx ciphers_suite if I remember properly. Try to edit /etc/nginx/nginx.conf and to replace the line beginning with ssl_ciphers with the following content :

ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';

Survive DDOS attack with Nginx's and fail2ban

March 18, 2018, 3:02 pm
$
0
0

Hello,

this is the output of uname -a

Linux 40bd26f74ca0 4.9.43-17.39.amzn1.x86_64 #1 SMP Fri Sep 15 23:39:41 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

Cloudflare setup making problem with letsencrypt

March 19, 2018, 6:58 am
$
0
0

After using cloudflare when i install letsencrypt through ee command it saying

Unable to setup, Let’s Encrypt Please make sure that your site is pointed to same server on which you are running Let’s Encrypt Client to allow it to verify the site automatically.

Correct way to have Seo freindly urls

March 19, 2018, 7:58 am
$
0
0

Can someone show me the correct way to have seo freindly URL’s in an HTML site. I have php site in ee.

What is right way to get nginx to serve /about.html for a request for domain.com/about

I am using --php because of php contact form.

Thanks

Cloudflare setup making problem with letsencrypt

March 19, 2018, 8:03 am
$
0
0

I just unclick the cloud in my DNS record. If I remember correctly it takes a bit before it starts working again/propogates. If you want all the cloudflare jazz it might be easier to use cf’s certs.

Cloudflare setup making problem with letsencrypt

March 19, 2018, 10:26 am
$
0
0

Hello,

Let’s Encrypt isn’t able to generate a SSL certificate because it only see the Cloudflare server’s IP instead of your server IP. You can disable Cloudflare proxy to generate your SSL certificate or use Cloudflare SSL Origin certificates instead of Let’s Encrypt.
An tutorial is available in my knowledgebase :

Correct way to have Seo freindly urls

March 19, 2018, 12:07 pm
$
0
0

I ended up editing …common/php.conf

location / {
  try_files $uri $uri/ $uri.html /index.php?$args;
    if ($request_uri ~ ^/(.*)\.html$) {
        return 302 /$1;
    }

}

If this is going to set the world ablaze please let me know. Worried it will be overwritten.

Search

Correct way to have Seo freindly urls

March 19, 2018, 4:53 pm
$
0
0

I don’t think that’s going to do what you want. For a URL of /about, the try_files directive would look in order for these files: about about/ about.html

And if none of those are found it will redirect the request to index.php. So I don’t think it will ever reach your next statement.

Are you trying to serve all urls without an extension but write them to php?

Recommended way to change websites top domain

March 19, 2018, 5:05 pm

Redirect all to www

March 19, 2018, 11:05 pm

Cloudflare setup making problem with letsencrypt

March 19, 2018, 11:10 pm
$
0
0

Thanks @wcat, @virtubox for your valuable response.
Thanks for the tutorial.

@virtubox i am using DO and inside DO network section i have assigned A records to my server IP, still i can’t able to create LE SSL.

And another problem i have created a site demo.mydomain.com and also added to DO networking section. when i access to demo.mydomain.com, it says

Error 526 Invalid SSL certificate

how to rectify this problem ?

Cloudflare setup making problem with letsencrypt

March 19, 2018, 11:55 pm
$
0
0

On the CloudFlare Crypto section what SSL i must choose ? because off the cloudflare ssl i can’t reach to my site and if i choose full/full-strict then i can’t able to renew the ssl.

what should i do ? please help.

Viewing all 12639 articles
Browse latest View live
Search